General
Target: 5b5fd8f37a036d8323fd02dbd8ae21ba233d591ed2e45dac8ce887bd505e2cf6
Size: 580KB
Sample: 230605-hvysdafg8x
MD5: b4518646701999e56883fbcbdf1eb9e8
SHA1: 3e2cf8d26b5a9cb4e7224617ad9a12bea2921b4c
SHA256: 5b5fd8f37a036d8323fd02dbd8ae21ba233d591ed2e45dac8ce887bd505e2cf6
SHA512: 042f7e57c1477aaafabb7bd3ccd41ba787f65bbd544ff06517290db7bbffef803a9e5839e6d8cd4c78238e1681a078a08261fe675d59205cbac685f768d1588f
SSDEEP: 12288:FMrOy90sSi8E2Qwi8YupgdaZLdHssxTH9i3USAs:nyLJLwi8YE0aZLdHsQk3t
Static task: static1
Behavioral task: behavioral1
Sample: 5b5fd8f37a036d8323fd02dbd8ae21ba233d591ed2e45dac8ce887bd505e2cf6.exe
Resource: win10-20230220-en
Malware Config
Extracted
redline
diza
83.97.73.126:19046
auth_value: 0d09b419c8bc967f91c68be4a17e92ee
Targets
Target: 5b5fd8f37a036d8323fd02dbd8ae21ba233d591ed2e45dac8ce887bd505e2cf6
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application