Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4b41890ea834d7a62de6e632b2b90add0d5269b9f76dfe7e742c8905487334b2
-
Size
982KB
-
Sample
230525-khzj9ahd6z
-
MD5
b4daf6b2e00c4173da326f57d0f75881
-
SHA1
6ea69bcce0043fcd97d5d0f5d651aa0b4c9d144a
-
SHA256
4b41890ea834d7a62de6e632b2b90add0d5269b9f76dfe7e742c8905487334b2
-
SHA512
4f2c6dd9bd4dde9003e48ba26f3afd5893d61b9e95f05be8066f96a7718b404b8315be3f8475fcc48fbdc3f789312fc785de739b9123c700d2fb59b2677b4f93
-
SSDEEP
24576:3ydVjrlxQ/pbWuJzQBLyRK+THj2ht3Z3FakfWFT:Cd1fopCuJzQBQHChtJg
Static task
static1
Behavioral task
behavioral1
Sample
4b41890ea834d7a62de6e632b2b90add0d5269b9f76dfe7e742c8905487334b2.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
maxi
83.97.73.122:19062
-
auth_value
6a3f22e5f4209b056a3fd330dc71956a
Extracted
redline
haval
83.97.73.122:19062
-
auth_value
d23dec6813deb04eb8abd82657a9b0af
Targets
-
-
Target
4b41890ea834d7a62de6e632b2b90add0d5269b9f76dfe7e742c8905487334b2
-
Size
982KB
-
MD5
b4daf6b2e00c4173da326f57d0f75881
-
SHA1
6ea69bcce0043fcd97d5d0f5d651aa0b4c9d144a
-
SHA256
4b41890ea834d7a62de6e632b2b90add0d5269b9f76dfe7e742c8905487334b2
-
SHA512
4f2c6dd9bd4dde9003e48ba26f3afd5893d61b9e95f05be8066f96a7718b404b8315be3f8475fcc48fbdc3f789312fc785de739b9123c700d2fb59b2677b4f93
-
SSDEEP
24576:3ydVjrlxQ/pbWuJzQBLyRK+THj2ht3Z3FakfWFT:Cd1fopCuJzQBQHChtJg
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-