Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
91f46b746769a986deed4a9b2bea4115b2e026097cd9e06a98fb83f696b01397
-
Size
381KB
-
Sample
230326-m1xjqagc44
-
MD5
0331b3f97d5720cf86835be9a99d2438
-
SHA1
4c2b5d47525b11f802c14bb8588549dd95de948e
-
SHA256
91f46b746769a986deed4a9b2bea4115b2e026097cd9e06a98fb83f696b01397
-
SHA512
3779edd58760eb040e191a96fd030d5aec4d0b4f83ccd0b5302bd2482e8afac95ebabdf4d8363b39db8bc937ea5ae283056afcb003538877e8a6c9bb145e9fef
-
SSDEEP
6144:i8lFvCOdK5ezjFwnr7pHq6LwuE2aVvCG0n8y3WImuSb1UO/nNN4T:flFvjdKA/2r7pHqZlJIB8hgSJU0N
Static task
static1
Malware Config
Extracted
redline
@Germany
185.11.61.125:22344
-
auth_value
9d15d78194367a949e54a07d6ce02c62
Targets
-
-
Target
91f46b746769a986deed4a9b2bea4115b2e026097cd9e06a98fb83f696b01397
-
Size
381KB
-
MD5
0331b3f97d5720cf86835be9a99d2438
-
SHA1
4c2b5d47525b11f802c14bb8588549dd95de948e
-
SHA256
91f46b746769a986deed4a9b2bea4115b2e026097cd9e06a98fb83f696b01397
-
SHA512
3779edd58760eb040e191a96fd030d5aec4d0b4f83ccd0b5302bd2482e8afac95ebabdf4d8363b39db8bc937ea5ae283056afcb003538877e8a6c9bb145e9fef
-
SSDEEP
6144:i8lFvCOdK5ezjFwnr7pHq6LwuE2aVvCG0n8y3WImuSb1UO/nNN4T:flFvjdKA/2r7pHqZlJIB8hgSJU0N
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-