General
-
Target
3eb41edab78db1b73fe65e768c0936c1.bin
-
Size
977KB
-
Sample
230523-bm6ppaeb3x
-
MD5
7873469010b81090ac4a8947d8a09306
-
SHA1
a6b319b3677202a8ae1e83fb7d832025512b0ec0
-
SHA256
e49f3e10d04def90bcd4bb4dc2106cf2161b13c5bb0073866ed2c8ef14dda1af
-
SHA512
4ee3e82ed040108f8a5c6b1d68f9bc1528bf4f2929447a4d09a424b0a889ad63617099d06ea311ae5cd2b740a34039c50c2fca0d00470657dd065a261b0dcb45
-
SSDEEP
24576:wwg8lUjTf/FR4sLHEl8gw3nZdAOwvQ7rjn5aFIVp:FlUHf/aegwXvAOgQ7/5a2j
Static task
static1
Behavioral task
behavioral1
Sample
eee2af8cb9fce696685e45f7f328963cfdce3ac4c1bc55775e46205b2b4ee333.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
eee2af8cb9fce696685e45f7f328963cfdce3ac4c1bc55775e46205b2b4ee333.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
luza
185.161.248.37:4138
-
auth_value
1261701914d508e02e8b4f25d38bc7f9
Targets
-
-
Target
eee2af8cb9fce696685e45f7f328963cfdce3ac4c1bc55775e46205b2b4ee333.exe
-
Size
1021KB
-
MD5
3eb41edab78db1b73fe65e768c0936c1
-
SHA1
9e623ff0f9a010baf6ec0a845f610d366cd33155
-
SHA256
eee2af8cb9fce696685e45f7f328963cfdce3ac4c1bc55775e46205b2b4ee333
-
SHA512
51fef1595378fcf089d7343887e94b31648101e54fa20860297c3e51a58a05106fa7035b725fc08900fe5a3148cd3b276f1f5286b1c8cd9c2dfca9de9026bd8f
-
SSDEEP
24576:Ay9lAduF8o5mmqZwcEEfjg3iuQJALUpU6uE7Hu:H9ofopqScEAg3IJsU9uE7H
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-