General
Target: tmp
Size: 531KB
Sample: 230312-nfcjgsdf52
MD5: 0787c11e305fb59655414af8d09ec63e
SHA1: 50cc0591c756bb4481b406ca82599c8f7f54c259
SHA256: 20e74bc79bfb0532144cf64baa086221b3a5af9c0da8725c2cc45d440977a5c0
SHA512: 2d74f1a08ecf923353b233be58b74f441890b84223f9f82b55f781fb21e1aae6abf537bd2c3cb6bee0a22ab4e44fb26071a2e8072cfd1520100fcb0389f5bab2
SSDEEP: 12288:lMr+y90FcFQdl2V+rOZoKH4dMZIpoGSfS09MbviKtzKw:ryiFkVJp4d5OGoODi2Kw
Static task
static1
Behavioral task
behavioral1
Sample: tmp.exe
Resource: win7-20230220-en
Behavioral task
behavioral2
Sample: tmp.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
dubik
193.233.20.17:4139
auth_value: 05136deb26ad700ca57d43b1de454f46
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application