General
- Target: 089a8afdbd2da31e6180ea0d8a85b3e1.bin.exe
- Size: 346KB
- Sample: 230420-eym89sfe26
- MD5: 089a8afdbd2da31e6180ea0d8a85b3e1
- SHA1: 7126a510297ca035b255abbeefab4385830b3ab2
- SHA256: 319875a4c7898ae0f636f5ee26e14172008724c4567eacfba7a36aa4b2a413c4
- SHA512: 584bcf8e1b5e0dc90cf2f26a7896f8bd19dfdbc461d3d1e241e4643db2782b67acecb7c9687044658cfb1a44f73e68351513ff5108d17b26ed7d85268d2d7d0f
- SSDEEP: 6144:cT11Ka2T5jBmjEKCPcuyflTX8deh8I5jAriUzU:cT1aTvmjZCZolT+I5Urh
Tasks
- Static task: static1
- Behavioral task: behavioral1
  Sample: 089a8afdbd2da31e6180ea0d8a85b3e1.bin.exe
  Resource: win7-20230220-en
- Behavioral task: behavioral2
  Sample: 089a8afdbd2da31e6180ea0d8a85b3e1.bin.exe
  Resource: win10v2004-20230220-en
Malware Config
Extracted
- Family: redline
- Botnet: @COSMICCLOUDADMIN
- C2: 20.226.69.130:30497
- auth_value: 0c9b7221bd50ac4f7beb692ba88b2c78
Targets
- Target: 089a8afdbd2da31e6180ea0d8a85b3e1.bin.exe
- Score: 10/10
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext