General
-
Target
e0b65e53bed5408a608035639448fde687fb82c5bd1c798424a7325e2a2873a6
-
Size
770KB
-
Sample
230511-f37n5sdg2v
-
MD5
4de0ff0bfcdbb6c3b848cb34a98e5ec2
-
SHA1
809d2b26273ad8ef102109a8940dd42f2b2b3d15
-
SHA256
e0b65e53bed5408a608035639448fde687fb82c5bd1c798424a7325e2a2873a6
-
SHA512
1ff1f5ff0d3927560fcc98b41d847d6b4dbae7f917bd3d8689a65d42992c047099872f66437650dd932c0a0738544173764cb7b5c1b013ec1f6195df733d7f10
-
SSDEEP
12288:OMrJy90TZCBu/L9J2KWDLbX6PiedWb3qLYFqNT/XlYiKTX3jerVPSarkqLE3:fyqCkf67ckLwjlYvTym3
Static task
static1
Behavioral task
behavioral1
Sample
e0b65e53bed5408a608035639448fde687fb82c5bd1c798424a7325e2a2873a6.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
debro
185.161.248.75:4132
-
auth_value
18c2c191aebfde5d1787ec8d805a01a8
Targets
-
-
Target
e0b65e53bed5408a608035639448fde687fb82c5bd1c798424a7325e2a2873a6
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-