Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Analysis

  • max time kernel
    50s
  • max time network
    52s
  • platform
    windows10-1703_x64
  • resource
    win10-20230220-en
  • resource tags

    arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system
  • submitted
    02/06/2023, 07:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    04377ba2b44e9594d565634472e932b44db9c6d65d01d892ce05f0028c61e4ce.exe

  • Size

    341KB

  • MD5

    55d37cbaacb9f3b79f7527aa3c92e808

  • SHA1

    fdc2bbbf7ddb9d3d4e9d5bd3c11d86eff3419c45

  • SHA256

    04377ba2b44e9594d565634472e932b44db9c6d65d01d892ce05f0028c61e4ce

  • SHA512

    e9341e813bfa214eef3805e1777253427eda320ed1c4d01b72555d06fd2e8d88b6fb67112ca9d85b412332d7d3a44cede6a64708c785f03a3a5621280d7456a4

  • SSDEEP

    6144:xlOcIFEMlYyJycXkiACQvUmGTBiRxNrNKtSxdP:xkcIFEgJ1JFQvUmGTBizlTz

Score
10/10
redlineinfostealer

Malware Config

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\04377ba2b44e9594d565634472e932b44db9c6d65d01d892ce05f0028c61e4ce.exe
    "C:\Users\Admin\AppData\Local\Temp\04377ba2b44e9594d565634472e932b44db9c6d65d01d892ce05f0028c61e4ce.exe"
    1⤵
      PID:4032

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4032-122-0x0000000000880000-0x00000000008BE000-memory.dmp

      Filesize

      248KB

      Download

    • memory/4032-123-0x00000000028E0000-0x00000000028F0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4032-124-0x0000000002790000-0x00000000027BE000-memory.dmp

      Filesize

      184KB

      Download

    • memory/4032-125-0x0000000004E40000-0x000000000533E000-memory.dmp

      Filesize

      5.0MB

      Download

    • memory/4032-126-0x0000000002810000-0x000000000283C000-memory.dmp

      Filesize

      176KB

      Download

    • memory/4032-127-0x00000000028E0000-0x00000000028F0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4032-128-0x00000000028E0000-0x00000000028F0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4032-129-0x0000000002840000-0x00000000028D2000-memory.dmp

      Filesize

      584KB

      Download

    • memory/4032-131-0x0000000000400000-0x00000000006D7000-memory.dmp

      Filesize

      2.8MB

      Download

    • memory/4032-132-0x0000000000880000-0x00000000008BE000-memory.dmp

      Filesize

      248KB

      Download