General
Target: 2454.exe
Size: 1.0MB
Sample: 230520-m4jf9see7s
MD5: a2e3ada01f6c8ce8724a7903064f21ea
SHA1: 38199193c3d02408b937b32167e38bb9fae1c6f6
SHA256: 86f3a75d3c1fdb2c101a9fd830930f91254e0dd70a353007b0719abafbf22c25
SHA512: 72e0173bbf937ed30d6359c42f1489218d46695732f55504356f68ba94c179009829c8af004c4270e19954965faf75559aeb3f70f8e2e81cacd9993d59604bf9
SSDEEP: 24576:/yX0i0tabVsXRmBOmfeGxi5LsxZWk1GekCjGeKJ:KkikLXRMGGxiZkZNjtK
Static task: static1
Behavioral task: behavioral1
Sample: 2454.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 2454.exe
Resource: win10v2004-20230221-en
Malware Config
Extracted
redline
meren
77.91.68.253:19065
auth_value: a26557b435e44b55fdd4708fbba97d21
Targets
Target: 2454.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application