General
Target: 401373c7c9c93b929c3fd1d60b709f566ec1bb3a89fe29b7dff3b8fe82c5e3b1
Size: 770KB
Sample: 230511-c7g3habc88
MD5: f36735222cde28e03c79bb811cd0705b
SHA1: fb5fbb63f5ef84649b8fd4dea93dac1eadfbfad5
SHA256: 401373c7c9c93b929c3fd1d60b709f566ec1bb3a89fe29b7dff3b8fe82c5e3b1
SHA512: 00871f5cf3bf1bae558c9ed152883a7b22f7ea6515dbf0194d5d72209cad094b93301435add6d69bf41c69a0104fa4d57c0801a5aef5ce4e60b1491ee8113c02
SSDEEP: 12288:EMr1y90jYc/hHVZrARQ5gqkLmoNKESPBdJmMrZGYNa40Yh2ly7QFSpOs2hp+CgSF:hyuHVyRvVUPBdJf5N0Yay7Qfs2hp+M1
Static task: static1
Behavioral task: behavioral1
Sample: 401373c7c9c93b929c3fd1d60b709f566ec1bb3a89fe29b7dff3b8fe82c5e3b1.exe
Resource: win10-20230220-en
Malware Config
Extracted
redline
debro
185.161.248.75:4132
auth_value: 18c2c191aebfde5d1787ec8d805a01a8
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.