Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
68eb20a955db5d05d2dcb18d943497b7e051edbe4a16499cd806f9efc2e151eb
-
Size
1.2MB
-
Sample
230302-el3s7aba6x
-
MD5
6d4ac001333c3f71154c85c3d4576123
-
SHA1
7b88e2d3e41de5ae1bdd5c8666e829278dc2797e
-
SHA256
68eb20a955db5d05d2dcb18d943497b7e051edbe4a16499cd806f9efc2e151eb
-
SHA512
37396a96f69916d242e969d060226371c32bf66825b75f682f15dbb1e385b519edefdb758358a36e5c7718d964b083e618abfea56982b989400c5d659db5a8ff
-
SSDEEP
24576:NylV2778Qr5afM7D0iNHUkSuzbVbqoWkkDxin6gP:olwf8Qr5d7D0ydjzbQo3Ixi6g
Static task
static1
Behavioral task
behavioral1
Sample
68eb20a955db5d05d2dcb18d943497b7e051edbe4a16499cd806f9efc2e151eb.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
rouch
193.56.146.11:4162
-
auth_value
1b1735bcfc122c708eae27ca352568de
Extracted
redline
durov
193.56.146.11:4162
-
auth_value
337984645d237df105d30aab7013119f
Targets
-
-
Target
68eb20a955db5d05d2dcb18d943497b7e051edbe4a16499cd806f9efc2e151eb
-
Size
1.2MB
-
MD5
6d4ac001333c3f71154c85c3d4576123
-
SHA1
7b88e2d3e41de5ae1bdd5c8666e829278dc2797e
-
SHA256
68eb20a955db5d05d2dcb18d943497b7e051edbe4a16499cd806f9efc2e151eb
-
SHA512
37396a96f69916d242e969d060226371c32bf66825b75f682f15dbb1e385b519edefdb758358a36e5c7718d964b083e618abfea56982b989400c5d659db5a8ff
-
SSDEEP
24576:NylV2778Qr5afM7D0iNHUkSuzbVbqoWkkDxin6gP:olwf8Qr5d7D0ydjzbQo3Ixi6g
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-