Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
cce03db758554e7162259948e471d558d97ffb02ed5284debfcc9c2ad4dd1040
-
Size
659KB
-
Sample
230304-fx5ycsch44
-
MD5
09ee40cdf9bb0ac0f8d08893a4308016
-
SHA1
d099b1f19f300691f8621928eb33fd5c5f011cfd
-
SHA256
cce03db758554e7162259948e471d558d97ffb02ed5284debfcc9c2ad4dd1040
-
SHA512
93984354f963acd12a35aebcd4032cfeba2df057ab761ff8c0576e0e5429e0c1215c7c5fcbc06eb63e8bd60962d12e128c150b7372f4e50620e8626f203eee8a
-
SSDEEP
12288:TMrgy90evpJcRtH7lUJW6TEvmeiLjhklnwfoio1AwAQEiXTG9g:Hy2tH5sxEOjjhInMcHXTX
Static task
static1
Behavioral task
behavioral1
Sample
cce03db758554e7162259948e471d558d97ffb02ed5284debfcc9c2ad4dd1040.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
rosto
hueref.eu:4162
-
auth_value
07d81eba8cad42bbd0ae60042d48eac6
Extracted
redline
foksa
hueref.eu:4162
-
auth_value
6a9b2601a21672b285de3ed41b5402e4
Targets
-
-
Target
cce03db758554e7162259948e471d558d97ffb02ed5284debfcc9c2ad4dd1040
-
Size
659KB
-
MD5
09ee40cdf9bb0ac0f8d08893a4308016
-
SHA1
d099b1f19f300691f8621928eb33fd5c5f011cfd
-
SHA256
cce03db758554e7162259948e471d558d97ffb02ed5284debfcc9c2ad4dd1040
-
SHA512
93984354f963acd12a35aebcd4032cfeba2df057ab761ff8c0576e0e5429e0c1215c7c5fcbc06eb63e8bd60962d12e128c150b7372f4e50620e8626f203eee8a
-
SSDEEP
12288:TMrgy90evpJcRtH7lUJW6TEvmeiLjhklnwfoio1AwAQEiXTG9g:Hy2tH5sxEOjjhInMcHXTX
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-