Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
tmp
-
Size
175KB
-
Sample
230131-h4ee4afc33
-
MD5
a7836eb23a023808fedb12c080314dc7
-
SHA1
f7a3d881b8a3087b7cc8e8b2efd0efa2d745e49b
-
SHA256
bf5e49b09c2c5a21efb1b68d246fa57ecfd37f77e36b087f785f5079096f416e
-
SHA512
78e96bd870ad4a36be3599832acba2210722c350b3970adec7c0ac0186ecd3639e28efa18c193a520fdf157ef4d8d238f60f2d8cce748b797ffeb0ac9614dc61
-
SSDEEP
3072:ExqZWWFa7E6T8WDbta4keK49rh+7xNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOF:aqZPWDbtxLrh
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20221111-en
Malware Config
Extracted
redline
sw49
49.12.247.184:18430
-
auth_value
d4cac5c7f31fb979d374fc8137a9b10b
Targets
-
-
Target
tmp
-
Size
175KB
-
MD5
a7836eb23a023808fedb12c080314dc7
-
SHA1
f7a3d881b8a3087b7cc8e8b2efd0efa2d745e49b
-
SHA256
bf5e49b09c2c5a21efb1b68d246fa57ecfd37f77e36b087f785f5079096f416e
-
SHA512
78e96bd870ad4a36be3599832acba2210722c350b3970adec7c0ac0186ecd3639e28efa18c193a520fdf157ef4d8d238f60f2d8cce748b797ffeb0ac9614dc61
-
SSDEEP
3072:ExqZWWFa7E6T8WDbta4keK49rh+7xNn2pU9f2MKTV/wi4lr55R9TxlnsPsUw0jOF:aqZPWDbtxLrh
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-