General
Target: 519850fddd2741313995a32945a4381e52c045b393796b65a97b0558de2d80cf
Size: 478KB
Sample: 230509-dtxfpsfh7y
MD5: 74bd62a42148bf60224d73bc16f75b3f
SHA1: 5a276efb3826f7aa432bdf0d3444237dddd2c663
SHA256: 519850fddd2741313995a32945a4381e52c045b393796b65a97b0558de2d80cf
SHA512: cf08c1635c359ce51e32903bb607f4b6c6d0d013dcd722e7020c1073216b3b4d5a1e743f7b8efb46682af660ddaaa5b49160c90f96db7d29a75cbbbec6921aa5
SSDEEP: 12288:jMrUy90MZz13w5c0WR2QKTONOgDUT+j7MTMbEvZJrnQdkwV:nyhZz13K4bMOckB7rEB1QSwV
Static task: static1
Behavioral task: behavioral1
Sample: 519850fddd2741313995a32945a4381e52c045b393796b65a97b0558de2d80cf.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
Family: redline
Botnet: dumud
C2: 217.196.96.101:4132
auth_value: 3e18d4b90418aa3e78d8822e87c62f5c
Targets
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Checks computer location settings: Looks up the country code configured in the registry, likely a geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.