General
Target: 6bf4e6d596ed0c41732633c83e2241afb32e9cff426df3b8fc0801ae49e2d6c5
Size: 767KB
Sample: 230525-vxkpracb3z
MD5: d08d676a65ed68fc37a910f69eafc970
SHA1: 80777e40806a2fe8fc9c7b442179acff8b051d5b
SHA256: 6bf4e6d596ed0c41732633c83e2241afb32e9cff426df3b8fc0801ae49e2d6c5
SHA512: 2abb353a67fda44179785b2f6c4a2c165c0661ab06c28391f2efaeaf34e66c2e83fb566f665d8dc7c045b098cd4add44c7dda7d941266244b2cc5cfc7f0b7b86
SSDEEP: 12288:kMrKy90tZELCu/9wmqlYbeelEkEhESAtCh4t2pCOp/Sfnv+P3m+f3avaw4WhE88H:uyyZ6999qmbZFSWCqtw/Sfnvc2+PTw4p
Static task: static1
Behavioral task: behavioral1
Sample: 6bf4e6d596ed0c41732633c83e2241afb32e9cff426df3b8fc0801ae49e2d6c5.exe
Resource: win10-20230220-en
Malware Config
Extracted
redline
mina
83.97.73.122:19062
auth_value: 3d04bf4b8ba2a11c4dcf9df0e388fa05
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext