General
Target: df99ffded671130a004acb37d537829c12c179679ec1f0c3d16d1332c5e08c95
Size: 491KB
Sample: 230508-b1rspaad31
MD5: b69b22db3b1bd42061c0b43a8b4c56fd
SHA1: 04cb58877d703add816759bd83a5233590521115
SHA256: df99ffded671130a004acb37d537829c12c179679ec1f0c3d16d1332c5e08c95
SHA512: eb142a3f450edc1d8eccb94a3f7a76511b433eca05af691dc480fd2ea24ede9c9deedc406c7efda62408d6960ca9c874772187825cdca68264584ae1c31f95e8
SSDEEP: 6144:Kyy+bnr+op0yN90QE0zFFreWEQZC6Awc8ZZLtKl1JiIfRiV5Bykl2DK6ADkkpuzM:2MrUy90+Pkxwc8Zcr5iVqQ2fPjVh4
Static task: static1
Behavioral task: behavioral1
Sample: df99ffded671130a004acb37d537829c12c179679ec1f0c3d16d1332c5e08c95.exe
Resource: win10-20230220-en
Malware Config
Extracted
redline
lipo
217.196.96.101:4132
auth_value: 3183df2d03b17daa3c5ecc95e60086a5
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application