General
- Target: file.exe
- Size: 430KB
- Sample: 230601-me42nsdg33
- MD5: 38590b49503ebe86502c9418f11e7458
- SHA1: 9014f82d54690aaa6e0a8d602933ec6b79ce2a91
- SHA256: 5a37399feb2eebccfcb6268fcf8ed8bc1e3243ec0797daa5a6d8a4cdc993129f
- SHA512: 5d9a99832f4b56a94514c2c814e0d9fd4c82cd39782d0c2ac6d83b476227091bdbdd27a4d45568cc5e2ee7f5763cf6a4030d0cbfed4c52cf635dacae64468dc7
- SSDEEP: 6144:2prkauGpxdr+Q/BsWkrjr6dCJ77cIniSSSPauIvt9gINkSVvVERuAXJunb6:2pIuh+YBnEXTdPauUgINzFVERuAXb
Static task
- static1
Behavioral task
- behavioral1: sample file.exe, resource win7-20230220-en
Behavioral task
- behavioral2: sample file.exe, resource win10v2004-20230220-en
Malware Config
Extracted: redline
- Instals: 89.23.97.107:8086
- auth_value: 8a82a3c9eb67dfb581f57e3f2c7aefe6
Targets
- file.exe (details as in General above)
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Uses the VBS compiler for execution
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext