General
Target: a74981afdf72998cad16114674c8a9e5f9e8abede2c778cd3b5312bf27523f3b
Size: 769KB
Sample: 230511-hjj5vacb69
MD5: 42a3158d2d3e3431ce531a9ce52465c2
SHA1: 2e91d92c6af2c5653da377d912554ca25871005e
SHA256: a74981afdf72998cad16114674c8a9e5f9e8abede2c778cd3b5312bf27523f3b
SHA512: a86d4c1d793cb33fddf598d88bde78e5d1c77c2e2957d3f936b795e5702c66d47a8f56508436982729e60fe5f589ad20d202cf4a221987bc187989262848c2a0
SSDEEP: 12288:1Mr9y90sfi7J+Hn4SBZqo3yDfrkwikQ0KmOG5afv5VQNX4KiZL/t+uJQSmhDa:MyS1yqDTf+G5afv5yh4K5xDa
Static task
static1
Behavioral task
behavioral1
Sample
a74981afdf72998cad16114674c8a9e5f9e8abede2c778cd3b5312bf27523f3b.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
debro
185.161.248.75:4132
-
auth_value
18c2c191aebfde5d1787ec8d805a01a8
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-