General
-
Target
62263263167.exe
-
Size
1.0MB
-
Sample
230522-mtgjxsfg66
-
MD5
e7a5b9384e98d5824908250151350ab9
-
SHA1
d8fa0e261190fe467a0f995ea374336ce4202d7e
-
SHA256
399c54c2eee7682054160b286afb63afdf46995224531f4d2f13f68df90f865f
-
SHA512
586d8b33547748c2c69b86888cde3a5290e75b453a0a5db8e6faf0b2d4e142782f7942cded609eb53003f2b002a516c5e0f1d75c01835fd20203a140b7cbcf77
-
SSDEEP
24576:JyGzT/ZbdDh4h5kBqFR8jVNZKA2/LynKPxTj07uBhNupXCf:8UT/ZpD6h5qqFR8hI/yKPxc7u/4
Static task
static1
Behavioral task
behavioral1
Sample
62263263167.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
62263263167.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
mixa
185.161.248.37:4138
-
auth_value
9d14534b25ac495ab25b59800acf3bb2
Targets
-
-
Target
62263263167.exe
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-