General
Target: 4501042e853acdf48227fe588a90f61e0abf6e134fe3054a8a8e10adbe74ddcf
Size: 579KB
Sample: 230605-lq1mysgc4z
MD5: 4de752e5c952d10c3306cb90047d06cd
SHA1: 2835a0a3e523781bedbc1364ec82ae28d2f19bb2
SHA256: 4501042e853acdf48227fe588a90f61e0abf6e134fe3054a8a8e10adbe74ddcf
SHA512: 0c2a2396be9e0ff78ee847b2259d291ac70af7e514a41ba020453b612506d5851f11b7e08614a20c284e170224b852ccd9ee89728162d7484dcbeb061fdc19a6
SSDEEP: 12288:6Mr+y90t5QvuofPRZwQnAI3WgOyPyTlg8Kg8PL:Ay7hfYQAI3WuPyTlVKgQL
Static task: static1
Behavioral task: behavioral1
Sample: 4501042e853acdf48227fe588a90f61e0abf6e134fe3054a8a8e10adbe74ddcf.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
diza
83.97.73.126:19046
-
auth_value
0d09b419c8bc967f91c68be4a17e92ee
Targets
-
-
Target
4501042e853acdf48227fe588a90f61e0abf6e134fe3054a8a8e10adbe74ddcf
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Executes dropped EXE

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.