General
Target: 286e2f0005e5dd19e3b8ef0d62313c2114ec78d646e5e172b75c3dc5055e170c
Size: 481KB
Sample: 230509-njbrcshd9x
MD5: 75aeca15f9482c83fef3ec725721bf14
SHA1: 131bb41ffd1adb74e32ac9857c628f21f9c25cf5
SHA256: 286e2f0005e5dd19e3b8ef0d62313c2114ec78d646e5e172b75c3dc5055e170c
SHA512: a935ca628724181a619f4d7b022e434f2249c62ac459169dcb3235e4409c4a46e5274f630157e4d4367d197366938c0d3c4becd733f550af6afba128b4685647
SSDEEP: 12288:XMrhy90HP5y6FwFhi47xAEBGZt1e+9YG:Oy0jwtlA8GFeTG
Static task
static1
Behavioral task
behavioral1
Sample
286e2f0005e5dd19e3b8ef0d62313c2114ec78d646e5e172b75c3dc5055e170c.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
mofun
217.196.96.101:4132
-
auth_value
da5d4987d25c2de43d34fcc99b29fff3
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-