General
- Target: 86c5796c0950cc5611c0777bec2a9966b39703a3c842019bb54b92d008bf3091
- Size: 769KB
- Sample: 230511-azkgjscg2z
- MD5: 2192e78e226ded3e90153939253bb995
- SHA1: eae212316fa4f120c7e25b8e7160d2c1a4dc8dca
- SHA256: 86c5796c0950cc5611c0777bec2a9966b39703a3c842019bb54b92d008bf3091
- SHA512: aff8c63b8d61d4b0a2cca130272529c63dd8061169072e7d85e790ee392a1e245e60a360b3e6eb1b27bed2b70e69efb4b8f78ce2d24c1e8f9935c7877b9ccbfa
- SSDEEP: 12288:MMrIy90UKF36qwIwHydHGTk/KrONXaTKnqReJaT/S3pI27JsPKqxc:cygAdKnNXaTpwm63SSmPzS
Static task: static1
Behavioral task: behavioral1
- Sample: 86c5796c0950cc5611c0777bec2a9966b39703a3c842019bb54b92d008bf3091.exe
- Resource: win10-20230220-en
Malware Config
Extracted
- redline
- debro
- 185.161.248.75:4132
- auth_value: 18c2c191aebfde5d1787ec8d805a01a8
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.