Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
file.exe
-
Size
421KB
-
Sample
230111-xx8gxsea73
-
MD5
c0f63782a29d9595674a6330f92b6433
-
SHA1
cdfbf89efd10897aafbbec728be2af32fdaf26bc
-
SHA256
2286dd3e3eae85e5aa331c9371bb6149bacbb394d8a38b33f1af34dfc1c82b2b
-
SHA512
fa9c633625d836a2703e88551f275cad7fc47a67f6962628700b72a0230e379fdae1ed137caa0c8c30a31916db89d4609d6c1c0bceda1ef7544665dc4556d4c4
-
SSDEEP
6144:Oyk1INKUylH7xgxtNDbYvpyqfm5v4uH9YIJB12QyFP3Zi5HjxFzC:PhNKUUOxtNiyAkv5t7k3Zix
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20221111-en
Malware Config
Extracted
redline
@2023@New
91.215.85.155:32796
-
auth_value
0be5b9b84cd5b707e91a48e341e3f7d7
Targets
-
-
Target
file.exe
-
Size
421KB
-
MD5
c0f63782a29d9595674a6330f92b6433
-
SHA1
cdfbf89efd10897aafbbec728be2af32fdaf26bc
-
SHA256
2286dd3e3eae85e5aa331c9371bb6149bacbb394d8a38b33f1af34dfc1c82b2b
-
SHA512
fa9c633625d836a2703e88551f275cad7fc47a67f6962628700b72a0230e379fdae1ed137caa0c8c30a31916db89d4609d6c1c0bceda1ef7544665dc4556d4c4
-
SSDEEP
6144:Oyk1INKUylH7xgxtNDbYvpyqfm5v4uH9YIJB12QyFP3Zi5HjxFzC:PhNKUUOxtNiyAkv5t7k3Zix
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-