General
Target: 3fceb187d5a1e155c96e225fbf5d511271f3c5c513276a86e341a9ed0cdb6bd7
Size: 1.2MB
Sample: 230506-1da9vsac51
MD5: 9cf7f51516771e62d4560302dfd9fed4
SHA1: 402f81d97740636dbd8e9d04d5e8d9a59ecd44f1
SHA256: 3fceb187d5a1e155c96e225fbf5d511271f3c5c513276a86e341a9ed0cdb6bd7
SHA512: 9235f7b74e7d3f6d1e8e7906ad66fd623dc9bc82f27a005ee63d8f55f0158cb95480ff99376ae711cd131d15b60a99e1b2b6a97e9afb147483a2723cbb77d8d6
SSDEEP: 24576:ky0NGasfqF5mdhzjdXLyTfokn98YoLSgBHIxmhUsmmsNMRf:zLasfLhzjFq2X9BuOUsCN
Static task: static1
Behavioral task: behavioral1
Sample: 3fceb187d5a1e155c96e225fbf5d511271f3c5c513276a86e341a9ed0cdb6bd7.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 3fceb187d5a1e155c96e225fbf5d511271f3c5c513276a86e341a9ed0cdb6bd7.exe
Resource: win10v2004-20230221-en
Malware Config
Extracted
redline
luna
217.196.96.56:4138
auth_value: 16dec8addb01db1c11c59667022ef7a2
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application