General
Target: monitor230.exe
Size: 1022KB
Sample: 230522-mwdaaafh77
MD5: 8229a3450e17343b9cf2ea7492822875
SHA1: 7d8da8ce9d3a9c798517cb8dd92e20d6c687d029
SHA256: f7eae242d988e333cddead1f113e0ee294582abb3140c2deba02ec4e53afa266
SHA512: d4d6255ee5dd09cb3ceca750536d472c3d08701b909df6202ef9ae0b571d910ae66f76183bf158042138890964632820ea080fc52c6f91b8c56e0e0dd5d27a14
SSDEEP: 24576:5yvn3MnL7C/tLtLq/9Z34RBx1HBxNEm5ZzI6BicNC8Z:svncnXYZLqF94RBx1pEm5f9C8
Static task: static1
Behavioral task: behavioral1
Sample: monitor230.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: monitor230.exe
Resource: win10v2004-20230221-en
Malware Config
Extracted
redline
luza
185.161.248.37:4138
auth_value: 1261701914d508e02e8b4f25d38bc7f9
Targets
Target: monitor230.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application