General
Target: 07c3c82edd5569661f983566b2208bf3c4e263e20c44c3ce27634c8db10f1d8e
Size: 479KB
Sample: 230508-q4byzaah76
MD5: c97c8971d5d18e8a914b3f5e00bd6eb5
SHA1: e6b8196b368efc9b1ca0886a53c41bf0a8d3111b
SHA256: 07c3c82edd5569661f983566b2208bf3c4e263e20c44c3ce27634c8db10f1d8e
SHA512: 7ffb2153c1506246bd13e02232c3e2c3c7788ef51167c4c2924ad9fa02ec9c79f4205d0031429053417f21a9c12f5ad1e1700e50bfcb01b01327be3f8a645c2d
SSDEEP: 12288:gMrby90AhiWSk+tmeEBBRzf85GBEfNn1Unx6Du9d6:ryBwHkx+5fn18x3d6
Static task: static1
Behavioral task: behavioral1
Sample: 07c3c82edd5569661f983566b2208bf3c4e263e20c44c3ce27634c8db10f1d8e.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted family: redline
Botnet: dona
C2: 217.196.96.101:4132
auth_value: 9fbb198992bbc83a84ab1f21384813e3
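The extracted config above is what a responder turns into a hunt. The following is an added example, not part of this report or of Triage's tooling: it takes the C2 and the sample's SHA256 from the page and runs them over constructed records (a Zeek-style connection log and an EDR file inventory, both invented here for illustration). The only real indicators are the C2 and SHA256 copied from the report; the hosts, paths and second hash are placeholders.

```python
import csv
import io
import ipaddress

# Indicators copied from the extracted config above; everything else in this
# block is constructed for illustration.
REDLINE_CONFIG = {
    "family": "redline",
    "botnet": "dona",
    "c2": "217.196.96.101:4132",
    "auth_value": "9fbb198992bbc83a84ab1f21384813e3",
}
SAMPLE_SHA256 = "07c3c82edd5569661f983566b2208bf3c4e263e20c44c3ce27634c8db10f1d8e"

# Constructed Zeek-style conn.log excerpt (CSV for brevity); not real traffic.
CONN_LOG = """\
ts,id.orig_h,id.orig_p,id.resp_h,id.resp_p,proto
1683540000.1,10.0.0.15,49712,217.196.96.101,4132,tcp
1683540001.4,10.0.0.15,49713,93.184.216.34,443,tcp
1683540002.0,10.0.0.22,51000,217.196.96.101,80,tcp
"""

# Constructed EDR file inventory; the second hash is a placeholder, not a real file.
FILE_LOG = r"""host,path,sha256
WS-15,C:\Users\user\Downloads\setup.exe,07c3c82edd5569661f983566b2208bf3c4e263e20c44c3ce27634c8db10f1d8e
WS-22,C:\Program Files\7-Zip\7z.exe,deadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeefdeadbeef
"""


def parse_c2(c2: str) -> tuple[str, int]:
    """Split 'host:port', validating the address and the port range."""
    host, _, port = c2.rpartition(":")
    ipaddress.ip_address(host)          # raises ValueError on a malformed address
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError(f"port out of range: {port}")
    return host, port_num


def match_connections(conn_csv: str, c2: str) -> list[dict]:
    """Return conn records that touch the C2 address. An exact host:port hit is
    high confidence; the same host on another port is reported with lower
    confidence, since the address may be shared hosting."""
    host, port = parse_c2(c2)
    hits = []
    for row in csv.DictReader(io.StringIO(conn_csv)):
        if row["id.resp_h"] != host:
            continue
        confidence = "high" if int(row["id.resp_p"]) == port else "medium"
        hits.append({"src": row["id.orig_h"],
                     "dst": f'{host}:{row["id.resp_p"]}',
                     "confidence": confidence})
    return hits


def match_hashes(file_csv: str, sha256: str) -> list[tuple[str, str]]:
    """Return (host, path) pairs whose SHA256 equals the sample's, case-insensitively."""
    wanted = sha256.lower()
    return [(row["host"], row["path"])
            for row in csv.DictReader(io.StringIO(file_csv))
            if row["sha256"].lower() == wanted]


if __name__ == "__main__":
    for hit in match_connections(CONN_LOG, REDLINE_CONFIG["c2"]):
        print("C2 contact:", hit)
    for host, path in match_hashes(FILE_LOG, SAMPLE_SHA256):
        print("Sample on disk:", host, path)
```

Matching on host and port separately matters for stealer C2s: the infrastructure is often rented, so the address alone is a weaker signal than the address on the configured port. The auth_value is kept in the config dict because it identifies the campaign on the C2 side, but it is not something a network or file log will contain.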
Targets
Target: 07c3c82edd5569661f983566b2208bf3c4e263e20c44c3ce27634c8db10f1d8e (hashes as listed under General)
RedLine: RedLine Stealer is an information-stealing malware family written in C#, first observed in early 2020.
Checks computer location settings: Looks up the country code configured in the registry, most likely to geofence execution by region.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application: Writes a Run registry key so the application starts at logon.
Checks installed software on the system: Enumerates Uninstall key entries in the registry to list the software installed on the system.
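Three of the behaviours listed above (the country-code lookup, the Run key write and the Uninstall key enumeration) are all registry activity, and they are the kind of thing a responder reproduces as detection logic. The block below is an added example, not Triage's signature code: it classifies a constructed sandbox-style registry API trace into those three signature names. The trace lines are invented here, the mapping of "country code configured in the registry" to the `Control Panel\International\Geo` key is an assumption about what the signature keys on, and the threshold of two enumerated Uninstall entries is a tuning choice, not something the report states.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# Constructed sandbox-style registry API trace (api|key|value name|data),
# not output from this tria.ge run. Assumption: the geofence check reads the
# Geo\Nation value; adjust GEO_KEY if your sandbox reports a different key.
SAMPLE_TRACE = r"""
RegOpenKeyExW|HKCU\Control Panel\International\Geo||
RegQueryValueExW|HKCU\Control Panel\International\Geo|Nation|244
RegOpenKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall||
RegEnumKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall|{7AB5C740-5A2E-4F5C-9A12-0123456789AB}|
RegEnumKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall|Google Chrome|
RegEnumKeyExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall|7-Zip|
RegQueryValueExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip|DisplayName|7-Zip 22.01
RegSetValueExW|HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Updater|C:\Users\user\AppData\Local\Temp\up.exe
RegQueryValueExW|HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer|ShellState|0x24
"""

GEO_KEY = re.compile(r"\\Control Panel\\International\\Geo$", re.I)
RUN_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?$", re.I)
UNINSTALL_KEY = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(?:\\|$)", re.I)
# Locations a dropper typically writes to before pointing a Run key at them.
DROPPED_DIR = re.compile(r"\\(?:AppData\\(?:Local\\Temp|Roaming)|ProgramData|Users\\Public)\\", re.I)
MIN_UNINSTALL_ENTRIES = 2   # a single lookup is normal; walking several entries is the signature


@dataclass
class RegEvent:
    api: str
    key: str
    value: str
    data: str


def parse_trace(text: str) -> list[RegEvent]:
    """Parse 'api|key|value|data' lines, tolerating missing trailing fields."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = (line.split("|", 3) + ["", "", ""])[:4]
        events.append(RegEvent(*fields))
    return events


def classify(events: list[RegEvent]) -> dict[str, list[str]]:
    """Map registry activity onto the report's signature names and return the
    evidence lines behind each one."""
    hits: dict[str, list[str]] = defaultdict(list)
    uninstall_entries: set[str] = set()
    for e in events:
        # Geofence: a read of the configured country (Nation) or its name.
        if (e.api.startswith("RegQueryValueEx") and GEO_KEY.search(e.key)
                and e.value.lower() in {"nation", "name"}):
            hits["Checks computer location settings"].append(f"{e.key}\\{e.value} = {e.data}")
        # Persistence: any value written under a Run/RunOnce key.
        if e.api.startswith("RegSetValueEx") and RUN_KEY.search(e.key):
            note = " (dropped location)" if DROPPED_DIR.search(e.data) else ""
            hits["Adds Run key to start application"].append(f"{e.key}\\{e.value} -> {e.data}{note}")
        # Software inventory: count distinct Uninstall subkeys touched.
        m = UNINSTALL_KEY.search(e.key)
        if m:
            if e.api.startswith("RegEnumKeyEx") and e.value:
                uninstall_entries.add(e.value)
            elif e.key[m.end():]:
                uninstall_entries.add(e.key[m.end():].split("\\")[0])
    if len(uninstall_entries) >= MIN_UNINSTALL_ENTRIES:
        hits["Checks installed software on the system"].append(
            f"{len(uninstall_entries)} Uninstall entries enumerated: {sorted(uninstall_entries)}")
    return dict(hits)


if __name__ == "__main__":
    for name, evidence in classify(parse_trace(SAMPLE_TRACE)).items():
        print(name)
        for line in evidence:
            print("   ", line)
```

None of these three behaviours is malicious on its own: installers read the region, updaters register Run keys, and inventory agents walk the Uninstall tree. The value of the classifier is the combination, and in particular a Run key whose target sits in a user-writable drop directory, which is why that case is tagged separately in the evidence.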