General
- Target: 4a191c762591703dbbfabfcc04586b778ba2c93d2ae0f26041c95da21b87dc5e
- Size: 251KB
- Sample: 230215-v6awxacg9s
- MD5: a964af3c28ddb8261c7fcb4a2c32bca9
- SHA1: 9183e0d998b16edcef55c12d28386a1ee657de7b
- SHA256: 4a191c762591703dbbfabfcc04586b778ba2c93d2ae0f26041c95da21b87dc5e
- SHA512: ea3e91dbfbe38a234a8d7957f7854e68377b8db1b181a0e9064b050403345c64a333bd41f702187be88a6e05bc991e0b59e34813f44acd219c88aafb931d1466
- SSDEEP: 6144:zaAELcw3oMjkYvQUbsKidemEt9cr+cOz+8nWIYT+H0iF47wO:zaAELcw3oMjkYvQUbs9dcI+cOw7T+Hbu
Static task: static1
Behavioral task: behavioral1
- Sample: 4a191c762591703dbbfabfcc04586b778ba2c93d2ae0f26041c95da21b87dc5e.exe
- Resource: win10-20220812-en
Malware Config
Extracted: redline
- 95.217.146.176:4287
- auth_value: a909e2aaecf96137978fea4f86400b9b
Targets
- Target: 4a191c762591703dbbfabfcc04586b778ba2c93d2ae0f26041c95da21b87dc5e
- Size: 251KB
- Score: 10/10
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext