General
-
Target
c007d4218a8129e21fe8974fe25d1ad803753f1bfb492285a8c2238c0cce7338
-
Size
479KB
-
Sample
230509-w7tk3sfc6x
-
MD5
1e332bf2f450ec03f8af4bf4d167ecc0
-
SHA1
15d3f160079ff0287835743092449cc3bf73ad24
-
SHA256
c007d4218a8129e21fe8974fe25d1ad803753f1bfb492285a8c2238c0cce7338
-
SHA512
c7231d02677d01471a1b4ea4e1976f312483853132cfbe302c2b5c7ea6f96f7abb7b15e39569d373f20f1cf489de1e15ea6b668c5cc60e67ec0584b0b38cb8b7
-
SSDEEP
12288:5MrWy90cALnqt8n+Qr5f/8oV97WvFV8Zx:Dy3hq+Qh/PY0
Static task
static1
Behavioral task
behavioral1
Sample
c007d4218a8129e21fe8974fe25d1ad803753f1bfb492285a8c2238c0cce7338.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
murka
217.196.96.101:4132
-
auth_value
878a0681ac6ad0e4eb10ef9db07abdd9
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-