General
- Target: 126a17d3c17bfc00c0b85bec0dd6be322664e5d1eee36289f0d4894d54db0db0
- Size: 578KB
- Sample: 230606-14n9eafh53
- MD5: 0a7e31abb542a4d4a9a2c6533dd4fd97
- SHA1: 1e8918213184f9ba58066a8fd422f06e975e5c68
- SHA256: 126a17d3c17bfc00c0b85bec0dd6be322664e5d1eee36289f0d4894d54db0db0
- SHA512: 5da9404585b3b478e162c7a47e4fd75e3665634a9881a0237179b97797cb009cdc45c307920e58785e5ea3f5451a9d6e01370954671257f894afd2c5303da299
- SSDEEP: 12288:aMrdy90P7WK78bz45BHTd1KdKvtjxEEOXUQh:7yG4bz45hdSKvtjxEdr
Static task
- static1
Behavioral task
- behavioral1
  - Sample: 126a17d3c17bfc00c0b85bec0dd6be322664e5d1eee36289f0d4894d54db0db0.exe
  - Resource: win10-20230220-en
Malware Config
Extracted
- redline
- diza
- 83.97.73.126:19048
- auth_value: 0d09b419c8bc967f91c68be4a17e92ee
Targets
- Target: 126a17d3c17bfc00c0b85bec0dd6be322664e5d1eee36289f0d4894d54db0db0
- Size: 578KB
- MD5: 0a7e31abb542a4d4a9a2c6533dd4fd97
- SHA1: 1e8918213184f9ba58066a8fd422f06e975e5c68
- SHA256: 126a17d3c17bfc00c0b85bec0dd6be322664e5d1eee36289f0d4894d54db0db0
- SHA512: 5da9404585b3b478e162c7a47e4fd75e3665634a9881a0237179b97797cb009cdc45c307920e58785e5ea3f5451a9d6e01370954671257f894afd2c5303da299
- SSDEEP: 12288:aMrdy90P7WK78bz45BHTd1KdKvtjxEEOXUQh:7yG4bz45hdSKvtjxEdr
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.