General
Target
5f558071095f4f97f72828923886a14bab190c9ca85c42c5afc54893102d0d38
Size
1.5MB
Sample
230506-1279haba98
MD5
3810e4d620629e89095d2024a5dd8f91
SHA1
b14697dadf5bf56dad70d8bc3bd5ef6c1e35a63d
SHA256
5f558071095f4f97f72828923886a14bab190c9ca85c42c5afc54893102d0d38
SHA512
2280c3fd9da69c1d24e75a7460bb4df9377d693e9c8e368e45f01b2fc40bb594c58b4f0fb54ec17a853e3c46bdded390b78dcc32e74ac96b1d077a7f9c392399
SSDEEP
49152:aEj3GmxrubgyTCBNRYr62Q5il/do5dGal:F9qbgmCKrnV/S5dxl
Static task
static1
Behavioral task
behavioral1
Sample
5f558071095f4f97f72828923886a14bab190c9ca85c42c5afc54893102d0d38.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
5f558071095f4f97f72828923886a14bab190c9ca85c42c5afc54893102d0d38.exe
Resource
win10v2004-20230221-en
Malware Config
Extracted
redline
maxbi
185.161.248.73:4164
auth_value
6aa7dba884fe45693dfa04c91440daef
Targets
Target
5f558071095f4f97f72828923886a14bab190c9ca85c42c5afc54893102d0d38
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application