General
Target: 74c9111723d8381390bd276efe5fba3b942d6bd53f1a6abab63258c9327ba010
Size: 694KB
Sample: 230303-e585baff9s
MD5: b5b28a29864da3f471c40f4150b5c145
SHA1: c992401ac17883a5147025706b2ca1ed2916ef52
SHA256: 74c9111723d8381390bd276efe5fba3b942d6bd53f1a6abab63258c9327ba010
SHA512: 56cbd73a537308ba4e605eecbbc900200cb4e193c24fd5f5be087501e00e83d50b2ca751f9542ea3d8165a8865595508b12aa332daede5bb1c2555938fa8f1a4
SSDEEP: 12288:oMrOy90leU0VFU2PflrNkGyOk0xbC+9hqmw/TE8dTNIYHL:2yUKVFVP9JkGyOXgJx5L
Static task: static1
Behavioral task: behavioral1
Sample: 74c9111723d8381390bd276efe5fba3b942d6bd53f1a6abab63258c9327ba010.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted (family: redline)
Botnet: ruzhpe
C2: pepunn.com:4162
auth_value: f735ced96ae8d01d0bd1d514240e54e0
Extracted (family: redline)
Botnet: fchan
C2: pepunn.com:4162
auth_value: 127bd53d55e8c4f0dd2f6e1ea60deef4
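Both extracted configs point at the same C2 (pepunn.com:4162) but carry different botnet IDs and auth_value tokens, which is the usual sign of one RedLine panel serving several campaigns. As an added example (not tria.ge's own parser or output), the Python below turns the flattened "Extracted" block into records, deduplicates the network IOC, validates the auth_value shape seen on this page, and emits a Suricata DNS rule for the C2 host. The input text is a constructed copy of the block above; the "Botnet" label for the second field and the SID base are assumptions.

```python
"""Parse the flattened 'Malware Config / Extracted' block of a tria.ge report
into structured records and derive network IOCs from them.

Added example for this page, not tria.ge code. EXTRACTED_BLOCK is a
constructed copy of the two RedLine configs shown in the report."""
from dataclasses import dataclass, field
import re

# Constructed from the report: family line, botnet name (label assumed),
# C2 host:port, then attribute triples ('-' separator, key, value).
EXTRACTED_BLOCK = """\
Extracted
redline
ruzhpe
pepunn.com:4162
-
auth_value
f735ced96ae8d01d0bd1d514240e54e0
Extracted
redline
fchan
pepunn.com:4162
-
auth_value
127bd53d55e8c4f0dd2f6e1ea60deef4
"""

C2_RE = re.compile(r"^(?P<host>[A-Za-z0-9.-]+):(?P<port>\d{1,5})$")
HEX32_RE = re.compile(r"^[0-9a-f]{32}$")


@dataclass
class ExtractedConfig:
    family: str
    botnet: str
    c2_host: str
    c2_port: int
    attributes: dict = field(default_factory=dict)


def parse_extracted(text: str) -> list:
    """Split on 'Extracted' markers and read each config that follows.

    Layout assumed (matches the page): family, botnet, host:port, then zero
    or more '-' / key / value triples up to the next 'Extracted' marker."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    configs = []
    i = 0
    while i < len(lines):
        if lines[i] != "Extracted" or i + 3 >= len(lines):
            raise ValueError(f"malformed config block at line {i}: {lines[i]!r}")
        family, botnet, c2 = lines[i + 1], lines[i + 2], lines[i + 3]
        m = C2_RE.match(c2)
        if not m or not 0 < int(m.group("port")) < 65536:
            raise ValueError(f"unparsable C2 {c2!r}")
        cfg = ExtractedConfig(family, botnet, m.group("host"), int(m.group("port")))
        i += 4
        # attribute triples: '-', key, value (only auth_value on this page)
        while i + 2 < len(lines) and lines[i] == "-":
            cfg.attributes[lines[i + 1]] = lines[i + 2]
            i += 3
        configs.append(cfg)
    return configs


def network_iocs(configs: list) -> list:
    """Unique (host, port) pairs; both configs on this page share one C2."""
    return sorted({(c.c2_host, c.c2_port) for c in configs})


def auth_tokens(configs: list) -> dict:
    """Map botnet ID -> auth_value, rejecting values that are not 32 hex chars
    (the shape both values on this page have)."""
    out = {}
    for c in configs:
        token = c.attributes.get("auth_value", "")
        if not HEX32_RE.match(token):
            raise ValueError(f"unexpected auth_value for {c.botnet}: {token!r}")
        out[c.botnet] = token
    return out


def suricata_rules(configs: list, sid_base: int = 9000001) -> list:
    """One Suricata DNS-query rule per unique C2 host (sid_base is an assumption)."""
    rules = []
    for n, (host, port) in enumerate(network_iocs(configs)):
        rules.append(
            f'alert dns $HOME_NET any -> any any (msg:"RedLine C2 lookup {host} '
            f'(port {port})"; dns.query; content:"{host}"; nocase; '
            f'classtype:trojan-activity; sid:{sid_base + n}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    cfgs = parse_extracted(EXTRACTED_BLOCK)
    for c in cfgs:
        print(c)
    print(network_iocs(cfgs), auth_tokens(cfgs), *suricata_rules(cfgs), sep="\n")
```

The parser fails loudly on a malformed block rather than silently skipping it, since a missing C2 or a non-hex auth_value usually means the extractor, not the sample, changed. Matching on the DNS query rather than on TCP port 4162 keeps the rule from firing on unrelated traffic to that port.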
Targets
Target: 74c9111723d8381390bd276efe5fba3b942d6bd53f1a6abab63258c9327ba010 (694KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
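The "Adds Run key to start application" signature corresponds to a registry value write under ...\CurrentVersion\Run, which endpoint telemetry records as a Sysmon EventID 13 (RegistryEvent, value set). As an added example, not tria.ge's detection logic, the Python below flags such writes over constructed Sysmon records and ranks a Run value pointing into a user-writable directory above one pointing into Program Files; the SID, paths and process names are illustrative.

```python
"""Flag registry Run-key persistence in Sysmon EventID 13 (RegistryEvent,
value set) records, the telemetry behind a signature such as 'Adds Run key
to start application'.

Added example for this page, not tria.ge's detection logic. EVENTS are
constructed; the paths, SID and process names are illustrative."""
import json
import re
from typing import Optional

# Value writes directly under ...\CurrentVersion\Run or \RunOnce (HKLM or HKU).
RUN_KEY_RE = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\[^\\]+$", re.IGNORECASE
)
# Locations a user-level dropper can write to; a Run value pointing there is
# far more suspicious than one pointing into Program Files.
USER_WRITABLE_RE = re.compile(
    r"\\(AppData|Temp|ProgramData|Users\\Public)\\", re.IGNORECASE
)

# Constructed Sysmon records (field names as Sysmon emits them), one JSON
# object per line, as a SIEM forwarder would ship them.
EVENTS = [
    r'{"EventID": 13, "EventType": "SetValue", "UtcTime": "2023-03-03 05:12:44.101", '
    r'"Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\dropped.exe", '
    r'"TargetObject": "HKU\\S-1-5-21-1111-2222-3333-1001\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater", '
    r'"Details": "C:\\Users\\victim\\AppData\\Roaming\\updater.exe"}',
    r'{"EventID": 13, "EventType": "SetValue", "UtcTime": "2023-03-03 05:13:02.550", '
    r'"Image": "C:\\Program Files\\Vendor\\setup.exe", '
    r'"TargetObject": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\VendorTray", '
    r'"Details": "\"C:\\Program Files\\Vendor\\tray.exe\" /background"}',
    r'{"EventID": 13, "EventType": "SetValue", "UtcTime": "2023-03-03 05:13:10.004", '
    r'"Image": "C:\\Windows\\explorer.exe", '
    r'"TargetObject": "HKU\\S-1-5-21-1111-2222-3333-1001\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden", '
    r'"Details": "DWORD (0x00000001)"}',
    r'{"EventID": 12, "EventType": "CreateKey", "UtcTime": "2023-03-03 05:12:44.090", '
    r'"Image": "C:\\Users\\victim\\AppData\\Local\\Temp\\dropped.exe", '
    r'"TargetObject": "HKU\\S-1-5-21-1111-2222-3333-1001\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"}',
]


def classify(event: dict) -> Optional[dict]:
    """Return a finding for a Run/RunOnce value write, else None.

    EventID 12 (key created) is ignored: creating the Run key itself is
    not persistence, writing a value under it is."""
    if event.get("EventID") != 13 or event.get("EventType") != "SetValue":
        return None
    target = event.get("TargetObject", "")
    if not RUN_KEY_RE.search(target):
        return None
    command = event.get("Details", "")
    return {
        "time": event.get("UtcTime"),
        "severity": "high" if USER_WRITABLE_RE.search(command) else "low",
        "writer": event.get("Image"),
        "value_name": target.rsplit("\\", 1)[1],
        "command": command,
    }


def scan(lines: list) -> list:
    """Run classify() over JSON-per-line Sysmon records, skipping bad lines."""
    findings = []
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue
        finding = classify(event)
        if finding:
            findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in scan(EVENTS):
        print(f["severity"], f["time"], f["value_name"], "->", f["command"], "by", f["writer"])
```

The writer path (Image) is kept in the finding because a Run value set by a process that is itself in %TEMP% is the pattern a dropped stealer produces; the severity split on the command path is a triage aid, not a whitelist, so low-severity hits still surface for review.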