Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6e732b153f65819114ada8730569eee80e1214cd04ded7ff1a8dad9896017021
-
Size
580KB
-
Sample
230605-lfk5hsfg22
-
MD5
8e9a4efaf38f0a13febed31d0cc20b56
-
SHA1
86c4b21f714bebb72f43a39660879af686aef950
-
SHA256
6e732b153f65819114ada8730569eee80e1214cd04ded7ff1a8dad9896017021
-
SHA512
067d2f517f77983e56fa9b81c3fc65c695e16f62e4d5bb24b82d34a49614f10216e1328fa2740dab45cc3eebecbe99d8dca4a0e687913a659cb246547e83559c
-
SSDEEP
12288:6Mryy90La31vaRC5DMkYJCN/f9SVlnZ3dKvQHzwVg6O8:UyeC5J+CN/fM7+QHEV5
Malware Config
Extracted
redline
diza
83.97.73.126:19046
-
auth_value
0d09b419c8bc967f91c68be4a17e92ee
Targets
-
-
Target
6e732b153f65819114ada8730569eee80e1214cd04ded7ff1a8dad9896017021
-
Size
580KB
-
MD5
8e9a4efaf38f0a13febed31d0cc20b56
-
SHA1
86c4b21f714bebb72f43a39660879af686aef950
-
SHA256
6e732b153f65819114ada8730569eee80e1214cd04ded7ff1a8dad9896017021
-
SHA512
067d2f517f77983e56fa9b81c3fc65c695e16f62e4d5bb24b82d34a49614f10216e1328fa2740dab45cc3eebecbe99d8dca4a0e687913a659cb246547e83559c
-
SSDEEP
12288:6Mryy90La31vaRC5DMkYJCN/f9SVlnZ3dKvQHzwVg6O8:UyeC5J+CN/fM7+QHEV5
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Windows security modification
-
Adds Run key to start application
-