General
-
Target
BlenderSetup-3.5.0-win-x64.zip
-
Size
89.8MB
-
Sample
230523-s6f2taga22
-
MD5
5b1603b260a23453afc933bc54925c08
-
SHA1
fe68d730779f5b54c052b207e4a6d35f244b5fa1
-
SHA256
51b4ab44329a6efe2d4a23d5c4664da236fe08b12728d181c909feddf19eb2dc
-
SHA512
18d2044195e04eff3a5ebc4ce249633031d1b811d06d75cfa19eadcb4828f9753692ec00b1de015eac7208d3320b0b8d30e0a815b712a8e6db019a1a3128138e
-
SSDEEP
1572864:J3tbY+firscYCuCr+u5KBYpmWkjbhTKCFL6xBE9L1FKf6nP2sojzLYbE8LGC1:fk+firsCuo75KXWsl1l6E1DY6nP2NDcJ
Static task
static1
Behavioral task
behavioral1
Sample
BlenderSetup-3.5.0-win-x64.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
BlenderSetup-3.5.0-win-x64.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
5.42.64.63:19123
-
auth_value
2e251a8604620b6ba76520586114b84e
Targets
-
Target
BlenderSetup-3.5.0-win-x64.exe
-
Size
637.6MB
-
MD5
443cc79e21eea02b0731b09aa0c58987
-
SHA1
976078d978f3dc0e5b8476923531aecf3485c078
-
SHA256
9f00eac23eaa3f569d4320235c814c1abc3a80997acbb537bed2fdb5ffba08e8
-
SHA512
2d6aa8e8cc46e1fe51c89eb919f5973459e4a0f1b1cf3cdbf5701e2057fd5d8533325e65efde8f2b263df2f7cf414b27680b5c13aa68919ff2e889ba4d3ec714
-
SSDEEP
1572864:Hcljj7Hs6Hjo0pQI/ALJXuHo9YDvA2zA10srNqr+en3R5yUJsU:H8jjbs6Hj9X/ALJoo9oA21mNi33TL
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
Suspicious use of SetThreadContext