General
Target: 303262122fa39fdf8381e625e4def3bbb70a08f6ace6f8da04449438c606a3ca
Size: 336KB
Sample: 230202-eks8csgf8s
MD5: 038622c6279b62272933d5e86e1056bb
SHA1: d924ada192f407478ff86a2f826783ab92598f96
SHA256: 303262122fa39fdf8381e625e4def3bbb70a08f6ace6f8da04449438c606a3ca
SHA512: c818dac7d5f41df16df20d798310287f1e815d9ddf306d9c2e84b8c20decd33a6d47ef22737882d0c607aade28cd3d1a1bf749a4069c7a01c3552abfce245946
SSDEEP: 6144:JtYrfgLSe3HNS03+/m3zSJ+TFIzu2s1pG95aGJrzqXK:JtYkGe3HNBzDSETFz2vrz1
Static task: static1
Behavioral task: behavioral1
Sample: 303262122fa39fdf8381e625e4def3bbb70a08f6ace6f8da04449438c606a3ca.exe
Resource: win7-20221111-en
Malware Config
Extracted: redline
Botnet: milaf
C2: 193.233.20.5:4136
auth_value: 68aaee25afe3d0ae7d4db09dea02347c
Targets
Target: 303262122fa39fdf8381e625e4def3bbb70a08f6ace6f8da04449438c606a3ca
Signatures:
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.