General
-
Target
connector361.exe
-
Size
1.0MB
-
Sample
230522-mvrraafh29
-
MD5
581026913ad722416f7644094188e68a
-
SHA1
df366a2268e5373f407e73fc80c7f694d31db551
-
SHA256
cb0d7efc51da225943743f0055cdf3584ad5d4f3a855150eb0bad8697e579433
-
SHA512
c3f316d248469d932bd10254eccc2f3f3a71f291bd8b068c857247c43ba6d5616672bdb317e404939381e6b1e2452243987b6c7e2205c75b87d29c99ed23b90c
-
SSDEEP
24576:1yJAzsS6ggVpLLy2qFYDJi1se/qenD6ezp9sXp9G8iZvKwIe:QJLSiVpS2q2i1seCenuezQXiZv
Static task
static1
Behavioral task
behavioral1
Sample
connector361.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
connector361.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
diza
185.161.248.37:4138
-
auth_value
0d09b419c8bc967f91c68be4a17e92ee
Targets
-
-
Target
connector361.exe
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-