General
Target: c10be29a8627038dae52891fb7dd2a3ba63af3709e5bc6dd27032db367d2e7db
Size: 354KB
Sample: 230104-tjsmrsca7w
MD5: 0a7abae3ad10992088d18900ce46b028
SHA1: 721fbb3899b3715f0e0a0d8c9b4b4010698a6dd4
SHA256: c10be29a8627038dae52891fb7dd2a3ba63af3709e5bc6dd27032db367d2e7db
SHA512: a3d9682da8b8226c084e0d4ef292cceffdea2798fb6be74aeb978530eda5bcad39e21307f1fc378c65da215770c3e5a321470480ab97a44b0cc294db76a85751
SSDEEP: 6144:uBCl5mIuQVNkMG2Ui1TNVAOj6/Wx72Lkc9kALq5T:YCTmIpGCNJey9c9pq5
Static task: static1
Behavioral task: behavioral1
Sample: c10be29a8627038dae52891fb7dd2a3ba63af3709e5bc6dd27032db367d2e7db.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted family: redline
Botnet: pub2
C2: 89.22.231.25:45245
auth_value: ea9464d486a641bb513057e5f63399e1
Targets
Target: c10be29a8627038dae52891fb7dd2a3ba63af3709e5bc6dd27032db367d2e7db
Size and hashes (MD5, SHA1, SHA256, SHA512, SSDEEP): identical to the General section above
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures:
- Uses the VBS compiler for execution
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext