Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
50s -
max time network
52s -
platform
windows10-1703_x64 -
resource
win10-20230220-en -
resource tags
arch:x64arch:x86image:win10-20230220-enlocale:en-usos:windows10-1703-x64system -
submitted
02/06/2023, 07:45
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
04377ba2b44e9594d565634472e932b44db9c6d65d01d892ce05f0028c61e4ce.exe
Resource
win10-20230220-en
2 signatures
150 seconds
General
-
Target
04377ba2b44e9594d565634472e932b44db9c6d65d01d892ce05f0028c61e4ce.exe
-
Size
341KB
-
MD5
55d37cbaacb9f3b79f7527aa3c92e808
-
SHA1
fdc2bbbf7ddb9d3d4e9d5bd3c11d86eff3419c45
-
SHA256
04377ba2b44e9594d565634472e932b44db9c6d65d01d892ce05f0028c61e4ce
-
SHA512
e9341e813bfa214eef3805e1777253427eda320ed1c4d01b72555d06fd2e8d88b6fb67112ca9d85b412332d7d3a44cede6a64708c785f03a3a5621280d7456a4
-
SSDEEP
6144:xlOcIFEMlYyJycXkiACQvUmGTBiRxNrNKtSxdP:xkcIFEgJ1JFQvUmGTBizlTz
Score
10/10
Malware Config
Signatures
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload 2 IoCs
resource yara_rule behavioral1/memory/4032-124-0x0000000002790000-0x00000000027BE000-memory.dmp family_redline behavioral1/memory/4032-126-0x0000000002810000-0x000000000283C000-memory.dmp family_redline