General
- Target: 0547312c36dd1a53098c23113b52039354dc194a8535b4b52962990c33b5feba
- Size: 525KB
- Sample: 230306-bysl7sab83
- MD5: f94148a53b329d97e1c28c12440202b9
- SHA1: c366b0be10719ecd29dcd0a1843c1a6a7285bb8a
- SHA256: 0547312c36dd1a53098c23113b52039354dc194a8535b4b52962990c33b5feba
- SHA512: 0fbde9b9ada812346b7794e550e458f1bcbdf9b1afd4b8fecd3637d4a67e4d8f56aa6105a86f1bba553f119f4f6ad79e652e9c26c38e4581809628eae2871f0b
- SSDEEP: 12288:TMrny90QbFccV80j3dYTZ6tLXc/GGXk+B9:4yDHWXTZ6LXc/R9
Static task: static1
Behavioral task: behavioral1
- Sample: 0547312c36dd1a53098c23113b52039354dc194a8535b4b52962990c33b5feba.exe
- Resource: win10v2004-20230220-en
Malware Config
Extracted: redline
- fud
- 193.233.20.27:4123
- auth_value: cddc991efd6918ad5321d80dac884b40
Extracted: redline
- fabio
- 193.233.20.27:4123
- auth_value: 56b82736c3f56b13be8e64c87d2cf9e5
Targets
- Target: 0547312c36dd1a53098c23113b52039354dc194a8535b4b52962990c33b5feba (525KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.