General
Target
Wondershare Filmora v.4.6.23617.rar
Size
1.9MB
Sample
230416-l6gj1sbd8z
MD5
00e3b13ed0cc36202ad336383859c153
SHA1
50454704d98181f3779e39f6ca93a908ad19b9dd
SHA256
bd60655a397d6d029aacfd312d1a6be886fa49cb305e2cf4fedac257de486959
SHA512
a829b6cd0a7492c5b67acef126b9a403624818e451f885f85dde2ed2f07272f57962687b4c2fd5372f8c4d30455fe3e5589ad8179339378dd0a8a183243f9fb9
SSDEEP
49152:giDaXDhruURY2ThLwKU9k1XPQngVgFXzotEOf8QFmGhdH9+r:p+uUY2NEKv1XPQgmXzoDtdhFe
Static task
static1
Behavioral task
behavioral1
Sample
Setup.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Setup.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
45.15.157.147:37535
auth_value
1f773219e771b9b31c9aa0165d4091a5
Targets
Target
Setup.exe
Size
337KB
MD5
2c496d5541356d5b1a76946bbb180f8d
SHA1
70653fd16c50e55d01b04cf47a43377e77f7ed9d
SHA256
8c585bd8737ad360171f432d99d9956a81359f19805c036f235114fddc9fe100
SHA512
ff671f48fe9bb5201c4be79a6bd92052b709610303cdc735fee1c20c1740e462c2d4699f490569954ac331749a351f9a6b0b27830b5ffe8132d47f0e8a350dd6
SSDEEP
6144:T77OiBpUF6cGO/5cAcgIfKHbSlHyLK6SlOkNxLO8BlvI:T7aifUF65OZGKHy6SlOhG
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Find unpacked information stealer based on possible SQL query to retrieve browser data
Detects infostealer.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext