General
Target: 0d60479b5f27880b29b3c8e34485205db637c842f21c48df19ffe7e0f1d09add
Size: 479KB
Sample: 230508-scj7dabb94
MD5: d808fb85bc274a79429fa4d86df30033
SHA1: 319db477b5c5e3ca1693d593af93a272890747c1
SHA256: 0d60479b5f27880b29b3c8e34485205db637c842f21c48df19ffe7e0f1d09add
SHA512: 963abb547ecbfacb90735aa99ef891de72582d770f915f0c33e489ea5e220200da85b87a7cd44962de2e8d813dc141bb88e7f42b9f1d940a3c5c7a2ff052e81f
SSDEEP: 12288:7Mrey90mIz84uI4RoGIhTG+ww4goxuR3xa4gqXXB:ty4yWhTh4pa3jgqXR
Static task: static1
Behavioral task: behavioral1
Sample: 0d60479b5f27880b29b3c8e34485205db637c842f21c48df19ffe7e0f1d09add.exe
Resource: win10-20230220-en
Malware Config
Extracted
redline
dona
217.196.96.101:4132
auth_value: 9fbb198992bbc83a84ab1f21384813e3
Targets
Target: 0d60479b5f27880b29b3c8e34485205db637c842f21c48df19ffe7e0f1d09add
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.