Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0x0003000000000735-183.dat
-
Size
168KB
-
Sample
230506-r2jrgahe86
-
MD5
757db55f2bfa8548170d057df2329fd0
-
SHA1
e4233da9b945e7189588a713ead993bab327e39d
-
SHA256
a49b27d2134a98b207eb7bf113926b3ba4b25c67a601ec2a12d73c4aa0d044fe
-
SHA512
bf71363bbfef0dfa87b74c6549b1dec904dc41ddf6e6f6f83dde1f7d9213e667a758aec67a120e7341cb422b46d23534e38d3df14fc57be9b811b7532bb5b64a
-
SSDEEP
1536:XxB0RhlTQqlVZRGWggKbrGawXXkLYppppn/GTGqV0buXtXJKmE7n483wYkd8e8h1:XmtGRWUEppppn7qVMQZKmE7n4r8e8h1
Behavioral task
behavioral1
Sample
0x0003000000000735-183.exe
Resource
win7-20230220-en
Malware Config
Extracted
redline
dariy
217.196.96.101:4132
-
auth_value
2f34aa0d1cb1023a826825b68ebedcc8
Targets
-
-
Target
0x0003000000000735-183.dat
-
Size
168KB
-
MD5
757db55f2bfa8548170d057df2329fd0
-
SHA1
e4233da9b945e7189588a713ead993bab327e39d
-
SHA256
a49b27d2134a98b207eb7bf113926b3ba4b25c67a601ec2a12d73c4aa0d044fe
-
SHA512
bf71363bbfef0dfa87b74c6549b1dec904dc41ddf6e6f6f83dde1f7d9213e667a758aec67a120e7341cb422b46d23534e38d3df14fc57be9b811b7532bb5b64a
-
SSDEEP
1536:XxB0RhlTQqlVZRGWggKbrGawXXkLYppppn/GTGqV0buXtXJKmE7n483wYkd8e8h1:XmtGRWUEppppn7qVMQZKmE7n4r8e8h1
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-