General
Target: c542eccaf0f58d9b2a69559fe3816ed78c0b06b80555ca3fd496cfe3e749e161
Size: 1.0MB
Sample: 230521-fe1wpagc46
MD5: 80dc22efc81ed2bf30b7a969c50f4deb
SHA1: 4635b28401f2a4cb87cd5a3673aba87970ccb271
SHA256: c542eccaf0f58d9b2a69559fe3816ed78c0b06b80555ca3fd496cfe3e749e161
SHA512: 6b16c87b0f3fcf7feb64cfd9e789678e3d1fefa94fc20fbc9fadaa636c4561d08d7d0c828709ac2b3d13b161692933e15b81969cdd5df107ba41e0a0dc879627
SSDEEP: 24576:Ty3VHq01WAahu1Y+83ubdHO+WhcrVhaVHK3uuheaqGk:mlHq01ay8+bdHO+dLa83BuG
Static task: static1
Behavioral task: behavioral1
Sample: c542eccaf0f58d9b2a69559fe3816ed78c0b06b80555ca3fd496cfe3e749e161.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: c542eccaf0f58d9b2a69559fe3816ed78c0b06b80555ca3fd496cfe3e749e161.exe
Resource: win10-20230220-en
Malware Config
Extracted
redline
diza
185.161.248.37:4138
auth_value: 0d09b419c8bc967f91c68be4a17e92ee
Targets
Target: c542eccaf0f58d9b2a69559fe3816ed78c0b06b80555ca3fd496cfe3e749e161
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application