General
-
Target
00979437b4cc7205495e3c756ee055d647617c0945a0a157ab5b7dde635eccce.bin
-
Size
543KB
-
Sample
230311-24va4abf87
-
MD5
66541493e865ecb4987cd03ace809213
-
SHA1
72db71fda9f0ce821c17e4039b76a32a94224e22
-
SHA256
00979437b4cc7205495e3c756ee055d647617c0945a0a157ab5b7dde635eccce
-
SHA512
87ba635fbf3a538e2db296f90c266972c1dc63e6f9e1e8577bcffa6ea3fe78a389b666140bc9cf75c7dfa54ed6a62fa9aab65850f8b2b19d32ce6aebd2d81b2b
-
SSDEEP
12288:xMrey9025UmNm/TsBWwoxHUL8n7rfllLAekOWr0C7f4T9KM:LyP5UgB5oOYnllLA8WolR
Static task
static1
Behavioral task
behavioral1
Sample
00979437b4cc7205495e3c756ee055d647617c0945a0a157ab5b7dde635eccce.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
00979437b4cc7205495e3c756ee055d647617c0945a0a157ab5b7dde635eccce.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
rumfa
193.233.20.24:4123
-
auth_value
749d02a6b4ef1fa2ad908e44ec2296dc
Targets
-
Target
00979437b4cc7205495e3c756ee055d647617c0945a0a157ab5b7dde635eccce.bin
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-