General
Target: 63aff83d91305d59d98f5e251f143456.exe
Size: 584KB
Sample: 230606-db6awscd4z
MD5: 63aff83d91305d59d98f5e251f143456
SHA1: 4b546039570c29e6080345427defead0453cd875
SHA256: e788ec61549dfb2a7e09ee105e86cd1fe6e62a514597aee43918c97353b5758b
SHA512: 8c8a1d836aa29af61818204505a7975932f03193a8d3c57fca243102d6c59407252a8309cb72995181c742539dc20b541a29ed43854b3a59e052812d4cd02889
SSDEEP: 12288:QMr6y90W1tqx0pfJZmeAmMXI6vpFxwn9F/+1brJIs0x:6y/5vmeAmMXI0pPw9N+brOs0x
Static task: static1

Behavioral task: behavioral1
Sample: 63aff83d91305d59d98f5e251f143456.exe
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: 63aff83d91305d59d98f5e251f143456.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
diza
83.97.73.126:19048
auth_value: 0d09b419c8bc967f91c68be4a17e92ee
Targets
Target
63aff83d91305d59d98f5e251f143456.exe
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.