Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c399c3d52b5dc4d60230e1da4daf358d.bin
-
Size
354KB
-
Sample
230424-cgfrraag81
-
MD5
c399c3d52b5dc4d60230e1da4daf358d
-
SHA1
52f59971296960fda1376f7731b797049a7965c3
-
SHA256
50ab57ec39642fb2d98e3bd5b412eb0b90db8f6c4d8c19993d534186073f1c04
-
SHA512
dd80306d9c7a6f7a1062b5834fd3ccd9b295ce021fd3ee86e8a3406811fbb6b1a2f8ac4e5a901653ad9490f5a22b01c92f234655fa6008d0aca70f153f952f3c
-
SSDEEP
6144:eLbeeki6964UMvt1M3U7AOA2Woe+yYzFQ0eh/eUfhMLa5/:AiekcWx7a0yZ0XUfAa5
Static task
static1
Behavioral task
behavioral1
Sample
c399c3d52b5dc4d60230e1da4daf358d.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
c399c3d52b5dc4d60230e1da4daf358d.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
pub2
89.22.231.25:45245
-
auth_value
ea9464d486a641bb513057e5f63399e1
Targets
-
-
Target
c399c3d52b5dc4d60230e1da4daf358d.bin
-
Size
354KB
-
MD5
c399c3d52b5dc4d60230e1da4daf358d
-
SHA1
52f59971296960fda1376f7731b797049a7965c3
-
SHA256
50ab57ec39642fb2d98e3bd5b412eb0b90db8f6c4d8c19993d534186073f1c04
-
SHA512
dd80306d9c7a6f7a1062b5834fd3ccd9b295ce021fd3ee86e8a3406811fbb6b1a2f8ac4e5a901653ad9490f5a22b01c92f234655fa6008d0aca70f153f952f3c
-
SSDEEP
6144:eLbeeki6964UMvt1M3U7AOA2Woe+yYzFQ0eh/eUfhMLa5/:AiekcWx7a0yZ0XUfAa5
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-