General
-
Target
3d29019ede0958d84e57d6583756b6be27f506e650963b04ab800bb49d8b6fab
-
Size
479KB
-
Sample
230510-kb9fwagh7y
-
MD5
3efe70b9c0294a62411e5166a407b1df
-
SHA1
466158e5c3fbc9eee325338d0a2c0c5c0413a1cf
-
SHA256
3d29019ede0958d84e57d6583756b6be27f506e650963b04ab800bb49d8b6fab
-
SHA512
4a7ad0074294f295bfad960bdb7ee9048834f08bdf43091ed798ccf7504f7a6a5fdc29b9aafe8b38cc618b3c1565875fc2ba52b5d2d3ddf72cb5b5de1b7f72b5
-
SSDEEP
12288:6MrVy901ED648euPxb3SZYE3eqRKoI7PnlA2+Ry4r3Dws8WUx:fyeQW5yYEuDK3bsx
Static task
static1
Behavioral task
behavioral1
Sample
3d29019ede0958d84e57d6583756b6be27f506e650963b04ab800bb49d8b6fab.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
mufos
217.196.96.102:4132
-
auth_value
136f202e6569ad5815c34377858a255c
Targets
-
-
Target
3d29019ede0958d84e57d6583756b6be27f506e650963b04ab800bb49d8b6fab
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-