Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9a34ef7ac60544cf57ce2ad68d58ad5e68da5ed5364302d722d9a7cd14005bb8
-
Size
336KB
-
Sample
230202-sb4jmabh2z
-
MD5
be3b54b4733ca24594bb69e3600a1a2b
-
SHA1
1ed99387fb861d04ab636a36861784da67dc4657
-
SHA256
9a34ef7ac60544cf57ce2ad68d58ad5e68da5ed5364302d722d9a7cd14005bb8
-
SHA512
5c1bc3fcab9c8932bb7ec6a3ec2ef82469c1e77b7ff27284d27154c4842a08476ea67ccd17263e64a9491241d08ce16f1e831f2d6406c8fb9a9bf7e0cd873b55
-
SSDEEP
6144:nbDQmioYCCAYp5fRZOVANlZ1iJ5ZccG7uMR9NX23BoIgPEDZCO4lw1JedPlC:nbDQ7LpDcVAN1lDm3BoIgPEDZCO4lw1H
Malware Config
Extracted
redline
24.01
37.220.86.164:29170
-
auth_value
1c7f0aa21138601b5201a3a4a0123991
Targets
-
-
Target
9a34ef7ac60544cf57ce2ad68d58ad5e68da5ed5364302d722d9a7cd14005bb8
-
Size
336KB
-
MD5
be3b54b4733ca24594bb69e3600a1a2b
-
SHA1
1ed99387fb861d04ab636a36861784da67dc4657
-
SHA256
9a34ef7ac60544cf57ce2ad68d58ad5e68da5ed5364302d722d9a7cd14005bb8
-
SHA512
5c1bc3fcab9c8932bb7ec6a3ec2ef82469c1e77b7ff27284d27154c4842a08476ea67ccd17263e64a9491241d08ce16f1e831f2d6406c8fb9a9bf7e0cd873b55
-
SSDEEP
6144:nbDQmioYCCAYp5fRZOVANlZ1iJ5ZccG7uMR9NX23BoIgPEDZCO4lw1JedPlC:nbDQ7LpDcVAN1lDm3BoIgPEDZCO4lw1H
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-