General
Target: networking992.exe
Size: 1.0MB
Sample: 230522-mwgmpsfh82
MD5: d95487f0e0bff3c3ab490116a194c958
SHA1: 665262a1ab5225e67a0a75d0d44bf93a7eb3a573
SHA256: c9c89cfb3d3239dd2e0402da23caa0f803be818f8557bb568a09afab20285b7b
SHA512: 1bf424c7554b71a691fcdb6d6c13a5f30ced42659521582aa1a739a175b9aa5a595da8e8ef08911b8f9dbd7e75a5a6db61327555eef5df80e9a53a9f1fa0e2e3
SSDEEP: 24576:rycHy/2NUD8zFq6vYk2xNh6Le1bRnv2yg0iJnfQhA:ecSeNMgFq6ADxce1Myyhs
Static task: static1
Behavioral task: behavioral1
Sample: networking992.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: networking992.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
mixa
185.161.248.37:4138
auth_value: 9d14534b25ac495ab25b59800acf3bb2
Targets
Target: networking992.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application