General
Target: 6974eb31b59e7d0b610badaee10a75d875f65264bb5383ecf11ba2a81b294702
Size: 581KB
Sample: 230605-a2q24sec98
MD5: 72f91ee85080737bf8003258a3bd461e
SHA1: b4d9c35d7ece04adc9350f816e8b548caf30d1a4
SHA256: 6974eb31b59e7d0b610badaee10a75d875f65264bb5383ecf11ba2a81b294702
SHA512: b010ab2621501cbf29af7ea34431382c3038a5c57375c894d50dde1f27f3e101c0068501602d44f0a5b94b8cae7a239c49a040caae71df9458b05772238dd873
SSDEEP: 12288:bMr+y90d6ZOyC/YgRuwQbDrwMdxgxQ/XkA7Ly1LoCOPL:tyw6uhgws3gx43Ony
Static task: static1
Behavioral task: behavioral1
Sample: 6974eb31b59e7d0b610badaee10a75d875f65264bb5383ecf11ba2a81b294702.exe
Resource: win10-20230220-en
Malware Config
Extracted
redline
diza
83.97.73.126:19046
auth_value: 0d09b419c8bc967f91c68be4a17e92ee
Targets
Target: 6974eb31b59e7d0b610badaee10a75d875f65264bb5383ecf11ba2a81b294702
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Executes dropped EXE

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.