General
Target: 92f3b66e5de57b159792bcd247e86551a7fb059e61226d46e072656feadf6a92
Size: 478KB
Sample: 230510-ql2fxahh8v
MD5: ffad23dfe26ea3419cf9db6902196f31
SHA1: c8d51cd7796dd3890e2e92b71efd0702f5221966
SHA256: 92f3b66e5de57b159792bcd247e86551a7fb059e61226d46e072656feadf6a92
SHA512: c1422d903e5f1745f21073f1a9c0320d825461e84cbcb24aea650d1cc3bad13a2703ac2ba7a1b27ad7b48e3afef43def141d624251890e773abbd32fd9485dd9
SSDEEP: 12288:TMr8y90nljYL+EiqW+qgiyu7sHw7nmGRR/:3y6lI/LiYHw7mGRF
Static task: static1
Behavioral task: behavioral1
Sample: 92f3b66e5de57b159792bcd247e86551a7fb059e61226d46e072656feadf6a92.exe
Resource: win10-20230220-en
Malware Config
Extracted
redline
dippo
217.196.96.102:4132
auth_value: 79490ff628fd6af3b29170c3c163874b
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.