Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0x000600000002313e-188.dat
-
Size
168KB
-
Sample
230511-hm3rcscb79
-
MD5
ed157b317eb07304af11bcc2ba7c444f
-
SHA1
cb5373125c2494b9d0291221fae4e1677e6e5faa
-
SHA256
20f8c476655d28ddbe9f0c7ff2fae61a757f36aaffa010d793a11df83e901d88
-
SHA512
c9281bdd0edebbb654ba65318c9c83ac0b4189a2ee6f70d9e82a98a10b1a1373b4bd5d85aec8e763a991431001be9c8cf93ff27986a96c48483b15ca1d5c8d2a
-
SSDEEP
3072:8kmfv4r8W2qTvI2t2qVwoMTOIkvl98e8hg:gfvhZ/Rfkvl9
Behavioral task
behavioral1
Sample
0x000600000002313e-188.exe
Resource
win7-20230220-en
Malware Config
Extracted
redline
mixa
185.161.248.75:4132
-
auth_value
9d14534b25ac495ab25b59800acf3bb2
Targets
-
-
Target
0x000600000002313e-188.dat
-
Size
168KB
-
MD5
ed157b317eb07304af11bcc2ba7c444f
-
SHA1
cb5373125c2494b9d0291221fae4e1677e6e5faa
-
SHA256
20f8c476655d28ddbe9f0c7ff2fae61a757f36aaffa010d793a11df83e901d88
-
SHA512
c9281bdd0edebbb654ba65318c9c83ac0b4189a2ee6f70d9e82a98a10b1a1373b4bd5d85aec8e763a991431001be9c8cf93ff27986a96c48483b15ca1d5c8d2a
-
SSDEEP
3072:8kmfv4r8W2qTvI2t2qVwoMTOIkvl98e8hg:gfvhZ/Rfkvl9
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-