Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d26b2ccd400f4c84daca8aeb7d13f7ec193582e2f3e12886ba36528d9ae5adff
-
Size
290KB
-
Sample
230330-yvst5afe6v
-
MD5
30d8ae6daeb6a52a9da20f67b9c78db8
-
SHA1
d3ceb85169d00608be205593d8380f5d43491dad
-
SHA256
d26b2ccd400f4c84daca8aeb7d13f7ec193582e2f3e12886ba36528d9ae5adff
-
SHA512
78f47115733e609f3593643e827c77491c778f98f5c754de226968726df99d0a8651d32c35ec160eabbd55cbc066bedbb36cdf2796d252da191724b94707b5a2
-
SSDEEP
3072:8mYIClSZ1KSEfCYEI4y1cDTMkuqC8Os1oAXFHPGxAN3LVvh8Z8rMIA3Dr+3yb2fL:BsSEf19cKj8n1oAXJP7N8JIRyq
Static task
static1
Behavioral task
behavioral1
Sample
d26b2ccd400f4c84daca8aeb7d13f7ec193582e2f3e12886ba36528d9ae5adff.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
135.181.173.163:4325
-
auth_value
a909e2aaecf96137978fea4f86400b9b
Targets
-
-
Target
d26b2ccd400f4c84daca8aeb7d13f7ec193582e2f3e12886ba36528d9ae5adff
-
Size
290KB
-
MD5
30d8ae6daeb6a52a9da20f67b9c78db8
-
SHA1
d3ceb85169d00608be205593d8380f5d43491dad
-
SHA256
d26b2ccd400f4c84daca8aeb7d13f7ec193582e2f3e12886ba36528d9ae5adff
-
SHA512
78f47115733e609f3593643e827c77491c778f98f5c754de226968726df99d0a8651d32c35ec160eabbd55cbc066bedbb36cdf2796d252da191724b94707b5a2
-
SSDEEP
3072:8mYIClSZ1KSEfCYEI4y1cDTMkuqC8Os1oAXFHPGxAN3LVvh8Z8rMIA3Dr+3yb2fL:BsSEf19cKj8n1oAXJP7N8JIRyq
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-