General
Target: 7a24978d3b417daf1083a4b5adae2fa8a5e6187e7bb3ed41a9b21bc88967a762
Size: 378KB
Sample: 230326-ex9qwahd8s
MD5: 4cceff0ec2bfb40256fb5e1ff1f1069f
SHA1: a8d73dc960392b379d629df61b3fcd07ce9fb9b6
SHA256: 7a24978d3b417daf1083a4b5adae2fa8a5e6187e7bb3ed41a9b21bc88967a762
SHA512: 1a80817fb4157a3a63e1a5a21cc843e226945339b964f799e3495f539765f475eb7a29940fb5c2ea46cf0e99abcd2c1f1c238494c3059b7954d0767a4a157c91
SSDEEP: 6144:Eg1PXP9KwXxAHmtQBqwg33MEptKD1P8QpTfz:Eg1H9VXMmmAVcuoD9dz
Static task
static1
Malware Config
Extracted
redline
koreamon
koreamonitoring.com:80
auth_value: 1a0e1a9f491ef3df873a03577dfa10aa
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.