General
-
Target
8ab5674fcc3c9b4a0d509c4c14c231f581ef308a8af2dcf373ba492ba0639795
-
Size
760KB
-
Sample
230529-d85qmahe27
-
MD5
13e20284ca88bd97247c9f9c7c669c29
-
SHA1
1b28f7a71df60402fe9fc6a49f38b17dc8501700
-
SHA256
8ab5674fcc3c9b4a0d509c4c14c231f581ef308a8af2dcf373ba492ba0639795
-
SHA512
125fbb6a0d246bcaa1db02bf0943d2459f974635a8861fa8eabed9cd8c3da85377dc90be5e3b689bb42dac760ec9103d16c62a8fdd517e8712b7b907f3fb80da
-
SSDEEP
12288:vMrIy90pyJ0Y+YVY+ZZOR0fUBN542JHL6aQQ3n/7j3w0QKmzgboGyiM8rt3TQEN:PyoY7Zc1O2JHLp/nP3w0QKmzg5JyEN
Static task
static1
Behavioral task
behavioral1
Sample
8ab5674fcc3c9b4a0d509c4c14c231f581ef308a8af2dcf373ba492ba0639795.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
8ab5674fcc3c9b4a0d509c4c14c231f581ef308a8af2dcf373ba492ba0639795.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
dura
83.97.73.127:19062
-
auth_value
44b7d6fb9572dea0d64d018139c3d208
Targets
Target
8ab5674fcc3c9b4a0d509c4c14c231f581ef308a8af2dcf373ba492ba0639795
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-