Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
7fe0e5642a01386e950d21d1cd2e5aa171e6b6e403100e9842809a240466b4f1
-
Size
793KB
-
Sample
230505-w7p8nafh2w
-
MD5
89502c6c153edde186731b3374d803dd
-
SHA1
50535f39cee7d9d53333bef4bf702af8a9283743
-
SHA256
7fe0e5642a01386e950d21d1cd2e5aa171e6b6e403100e9842809a240466b4f1
-
SHA512
aacb5b9092adda55ff623abdc754d1479074795d88deaaaff0ea42ca8342d8c510384654a3cbf0efa6ac15a7ea4519421e18a4cf3467128074059a8ed8cff905
-
SSDEEP
24576:Byecjv2SbngMnoRGOj8bD9q5LlhSOjLwe:0eXMohp5Ljfvw
Static task
static1
Behavioral task
behavioral1
Sample
7fe0e5642a01386e950d21d1cd2e5aa171e6b6e403100e9842809a240466b4f1.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
7fe0e5642a01386e950d21d1cd2e5aa171e6b6e403100e9842809a240466b4f1.exe
Resource
win10v2004-20230221-en
Malware Config
Extracted
redline
gena
185.161.248.73:4164
-
auth_value
d05bf43eef533e262271449829751d07
Extracted
redline
dante
185.161.248.73:4164
-
auth_value
f4066af6b8a6f23125c8ee48288a3f90
Targets
-
-
Target
7fe0e5642a01386e950d21d1cd2e5aa171e6b6e403100e9842809a240466b4f1
-
Size
793KB
-
MD5
89502c6c153edde186731b3374d803dd
-
SHA1
50535f39cee7d9d53333bef4bf702af8a9283743
-
SHA256
7fe0e5642a01386e950d21d1cd2e5aa171e6b6e403100e9842809a240466b4f1
-
SHA512
aacb5b9092adda55ff623abdc754d1479074795d88deaaaff0ea42ca8342d8c510384654a3cbf0efa6ac15a7ea4519421e18a4cf3467128074059a8ed8cff905
-
SSDEEP
24576:Byecjv2SbngMnoRGOj8bD9q5LlhSOjLwe:0eXMohp5Ljfvw
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-