Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
file.exe
-
Size
485KB
-
Sample
230107-3h9dkaad7w
-
MD5
46b4ced716b73e7bfc35daa1c7b83936
-
SHA1
5e1d4219adc65f8da317c21f7e7bb96cb4443528
-
SHA256
a5965f76ccb6fdb4ec6224186ad0770c2da3c469fa31405b1407c403352e778a
-
SHA512
6ffad3065d1206f6b32ee8f0f8b9409190fdb30360cf1e4aa86e0b6e7a9fb61115a2b643c10c896f7ce49ea3648c3d83e805d49728756eeb5d74384fcc41219a
-
SSDEEP
12288:gtRxHnCVQO2aH4FUbgS877NU4DZMLzMIbgvYKywEJ1i:gVHCNBHfbgws8zHbgvYKyNi
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20220812-en
Malware Config
Extracted
redline
@new@2023
77.73.133.62:22344
-
auth_value
8284279aedaed026a9b7cb9c1c0be4e4
Targets
-
-
Target
file.exe
-
Size
485KB
-
MD5
46b4ced716b73e7bfc35daa1c7b83936
-
SHA1
5e1d4219adc65f8da317c21f7e7bb96cb4443528
-
SHA256
a5965f76ccb6fdb4ec6224186ad0770c2da3c469fa31405b1407c403352e778a
-
SHA512
6ffad3065d1206f6b32ee8f0f8b9409190fdb30360cf1e4aa86e0b6e7a9fb61115a2b643c10c896f7ce49ea3648c3d83e805d49728756eeb5d74384fcc41219a
-
SSDEEP
12288:gtRxHnCVQO2aH4FUbgS877NU4DZMLzMIbgvYKywEJ1i:gVHCNBHfbgws8zHbgvYKyNi
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-