General
Target: c22a56227e866b08fa746d49d23dde85d16b35126f87dd6933535dd921b5754c
Size: 482KB
Sample: 230215-lak8bsah4t
MD5: 3535cb4a86a9f6efb1dcbb4024e12f41
SHA1: 5b71e1485e21bef1bfe5e2d197244ca87813c8cf
SHA256: c22a56227e866b08fa746d49d23dde85d16b35126f87dd6933535dd921b5754c
SHA512: 3c7109a7e6f8a637117dc696c4e4d4b8273de56aa9b3b5ac200dbe1551a849870dce0a5968c457ae94de8bb5c0ce54bd536413d3f0a2c8f825ff76f2f0470e06
SSDEEP: 12288:0Mryy90QqiRMtm7B8g/cmNYSz4GU8O5IcS:myFqiM87Bs+FU8OrS
Static task: static1
Behavioral task: behavioral1
Sample: c22a56227e866b08fa746d49d23dde85d16b35126f87dd6933535dd921b5754c.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
Family: redline
Botnet: fukia
C2: 193.233.20.13:4136
auth_value: e5783636fbd9e4f0cf9a017bce02e67e
Targets
Target: c22a56227e866b08fa746d49d23dde85d16b35126f87dd6933535dd921b5754c
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
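The extracted config (C2 193.233.20.13:4136, botnet "fukia", auth_value) and the sample hashes are the hunt-ready artifacts on this page, and the Run-key signature gives a host-side behaviour to look for. The following Python turns them into indicators and runs them over endpoint events. It is an added example for this page, not code from tria.ge or from any RedLine analysis: the event layout (one dict per event using Sysmon field names, serialised as JSON lines) is an assumed simplification, and the sample events, paths and SID are constructed for illustration. It also goes slightly beyond the report by flagging the C2 host on a port other than the configured one, since the port in a config is only the one the sample was built with.

```python
"""Indicators from the tria.ge report above (RedLine, botnet "fukia",
C2 193.233.20.13:4136) run over constructed Sysmon-style events.

Added example, not tria.ge or RedLine code. The event layout is an assumed
simplification of Sysmon fields; the sample events below are made up.
"""
import ipaddress
import json

# Values copied from the report's "Malware Config" and hash fields.
REPORT_CONFIG = {
    "family": "redline",
    "botnet": "fukia",
    "c2": ["193.233.20.13:4136"],
    "auth_value": "e5783636fbd9e4f0cf9a017bce02e67e",
    "sha256": ["c22a56227e866b08fa746d49d23dde85d16b35126f87dd6933535dd921b5754c"],
}

# Autostart locations behind the "Adds Run key to start application" signature,
# matched as lower-case substrings of the Sysmon TargetObject path.
RUN_KEY_FRAGMENTS = (
    "\\microsoft\\windows\\currentversion\\run\\",
    "\\microsoft\\windows\\currentversion\\runonce\\",
)


def build_indicators(cfg):
    """Turn the config into lookups: exact (ip, port) pairs, bare IPs, SHA256s."""
    pairs, ips = set(), set()
    for hostport in cfg["c2"]:
        host, _, port = hostport.rpartition(":")
        ipaddress.ip_address(host)  # the report carries a bare IP; reject anything else
        pairs.add((host, int(port)))
        ips.add(host)
    return {"c2": pairs, "c2_ips": ips, "sha256": {h.lower() for h in cfg["sha256"]}}


def match_event(ev, ind):
    """Return detection labels for one event; an empty list means no hit."""
    hits = []
    eid = ev.get("EventID")
    if eid == 3:  # network connection
        dst, port = ev.get("DestinationIp"), int(ev.get("DestinationPort", 0))
        if (dst, port) in ind["c2"]:
            hits.append("c2_connection")
        elif dst in ind["c2_ips"]:
            hits.append("c2_ip_other_port")  # same host, different port: worth a look
    elif eid == 1:  # process creation; Hashes is a comma-separated "ALGO=value" list
        for part in ev.get("Hashes", "").split(","):
            algo, _, value = part.partition("=")
            if algo.strip().upper() == "SHA256" and value.strip().lower() in ind["sha256"]:
                hits.append("known_sample_executed")
    elif eid == 13:  # registry value set
        target = ev.get("TargetObject", "").lower()
        if any(frag in target for frag in RUN_KEY_FRAGMENTS):
            hits.append("run_key_persistence")
    # Sysmon logs registry creates, sets and renames but not reads, so the
    # "looks up Uninstall key entries" behaviour is not visible in these events.
    return hits


def scan(jsonl_text, cfg=REPORT_CONFIG):
    """Scan JSON-lines events; return {line_number: labels} for matching lines."""
    ind = build_indicators(cfg)
    findings = {}
    for n, line in enumerate(jsonl_text.splitlines(), 1):
        line = line.strip()
        if not line:
            continue
        labels = match_event(json.loads(line), ind)
        if labels:
            findings[n] = labels
    return findings


# Constructed events, not real telemetry. Paths and the SID are invented.
SAMPLE_NAME = REPORT_CONFIG["sha256"][0] + ".exe"
SAMPLE_PATH = "C:\\Users\\victim\\Downloads\\" + SAMPLE_NAME
CONSTRUCTED_EVENTS = [
    {"EventID": 1, "Image": SAMPLE_PATH,
     "Hashes": "MD5=3535CB4A86A9F6EFB1DCBB4024E12F41,SHA256=" + REPORT_CONFIG["sha256"][0].upper()},
    {"EventID": 3, "Image": SAMPLE_PATH,
     "DestinationIp": "193.233.20.13", "DestinationPort": 4136},
    {"EventID": 13, "Image": SAMPLE_PATH,
     "TargetObject": "HKU\\S-1-5-21-1111-2222-3333-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater",
     "Details": "C:\\Users\\victim\\AppData\\Roaming\\Updater.exe"},
    {"EventID": 3, "Image": "C:\\Windows\\System32\\svchost.exe",
     "DestinationIp": "193.233.20.13", "DestinationPort": 443},
    {"EventID": 13, "Image": "C:\\Windows\\System32\\msiexec.exe",
     "TargetObject": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Example\\DisplayName",
     "Details": "Example App"},
]
CONSTRUCTED_LOG = "\n".join(json.dumps(e) for e in CONSTRUCTED_EVENTS)

if __name__ == "__main__":
    for n, labels in scan(CONSTRUCTED_LOG).items():
        print(f"event {n}: {', '.join(labels)}")
```

Running it flags the first four constructed events (known sample executed, C2 connection, Run-key persistence, and the C2 host on port 443) and leaves the Uninstall-key write alone, which is the intended distinction: writing under Uninstall is what installers do, whereas the sandbox signature is about a process reading those entries, and that read is not something Sysmon records.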