General

Target: inject.zip
Size: 334KB
Sample: 230211-ysawjagh98
MD5: 57687c6490fd4dff74785936efb582fa
SHA1: d36c8de8e9807b49ca9c55eaa53c6b7a35aa436e
SHA256: a0224249bba012dbeced74e6e79e7f328f0619aaab417c1d21fe795dcbee3d66
SHA512: a15b93b2478f13e3543357b9dedacbbfaf93ffa4077945f908a949be59a473b9e8cd99c8df5092591839727ab23072b0ac8e9a7e9905db51c9a71171a19ae525
SSDEEP: 6144:R2pWagLRk18+8fW23vclpCRBgL+hn7iGUwRzL2V3jFZ4KEMZi:R2pgC18NW23wpCQLsJ32V3jFZ4KEz
Static task: static1

Behavioral task: behavioral1
Sample: inject/loader.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: inject/loader.exe
Resource: win10v2004-20220812-en
Malware Config

Extracted family: redline
C2: 82.115.223.46:57672
auth_value: 0b419e4e1ec3f5b460f1ca0a8cbe4916
Targets

Target: inject/loader.exe
Size: 2.5MB
MD5: dd395bc1d5cd54dedca7d49ce67c1e86
SHA1: 06a0c7fbbf0a371cfa33dba7dc43dc99633cb426
SHA256: 2d7d8424f6c2664edc9f09504950732cfcb25271cda56b6dc4804e159eba2c29
SHA512: 56b41adce07ab6041bf9dedd2e549c65151bca48cbe6b5a06c70bb256d954a947a71c3e37e6ffe2cc6782e9170ce7374c8709a95bf2b7ab03a64626902ffedce
SSDEEP: 6144:c3x2qt7guV4/dm74iqu4X3q08AO7l2D1F9cghcwpCbmsLjSrvSAfa8ka:c4qt7guV4NGHs17cgodjSreC
Score: 10/10

Signatures:
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext