General
- Target: 50b5c063b84fa93a0d88262b8a98ecb890a929db4cca6274512acdce966bd981
- Size: 569KB
- Sample: 230308-k7crsafa79
- MD5: 6b28be7f16379c64d944eef683b7d713
- SHA1: 86302206929fdbc9ccac6fc3de9e16f84417f038
- SHA256: 50b5c063b84fa93a0d88262b8a98ecb890a929db4cca6274512acdce966bd981
- SHA512: cca9c9c16f0627848f2feb4318add2274adc245c5d622c8c09621ad07acad6ce68f68a9eeef57b24f7f1bdf626f4c5d465cc2fb54e9b4a9e9bb4049d9b65c5eb
- SSDEEP: 12288:OMrMy905ahimz7AuxqVufv2t1GWFb2jSrIhc8V5J:KywsVAuxYufvcbgjS8e8t
Static task: static1
Behavioral task: behavioral1
- Sample: 50b5c063b84fa93a0d88262b8a98ecb890a929db4cca6274512acdce966bd981.exe
- Resource: win10v2004-20230220-en
Malware Config
Extracted
- Family: redline
- Botnet: fud
- C2: 193.233.20.27:4123
- auth_value: cddc991efd6918ad5321d80dac884b40
Targets
- Target: 50b5c063b84fa93a0d88262b8a98ecb890a929db4cca6274512acdce966bd981 (569KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General above)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.