General
Target: e28da21b6ffb35994480208a5d2504a03d1296df4f297fb23db2b2754a13ca41
Size: 479KB
Sample: 230510-ck1lbsfg61
MD5: d755549cc6a6d4c50d8b18a6e3418d28
SHA1: 7a57cc4760ffaac7af821a49a405749b10ae8ad2
SHA256: e28da21b6ffb35994480208a5d2504a03d1296df4f297fb23db2b2754a13ca41
SHA512: 364ec95d6f87cacb3cd7f274fe8420e2ef06df231b9da0beb709760238083f551e199d25bb50ea61d2fb4dbf1abed6e534bf270af26b76c7eb1fd16ac9213a02
SSDEEP: 12288:DMrCy90AdKNGs3hblk+mzoPLrFUv0M6Fs2Z5XCBfGB:Ry5q9mklXbFs2DXCkB
Static task: static1
Behavioral task: behavioral1
Sample: e28da21b6ffb35994480208a5d2504a03d1296df4f297fb23db2b2754a13ca41.exe
Resource: win10-20230220-en
Malware Config
Extracted
redline
mufos
217.196.96.102:4132
auth_value: 136f202e6569ad5815c34377858a255c
Targets
Target: e28da21b6ffb35994480208a5d2504a03d1296df4f297fb23db2b2754a13ca41
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.