General
Target: 3b2d0b14c55db45a6c85a6168f7c94e5211d05660a73678adf1c9768c6379a5f
Size: 584KB
Sample: 230606-ferysacf4x
MD5: cac11cadde640bb0b326ea4bb9ed1b62
SHA1: 0641b8f830c7053c71dcfb62ff946aa4dc778ea2
SHA256: 3b2d0b14c55db45a6c85a6168f7c94e5211d05660a73678adf1c9768c6379a5f
SHA512: af1ff4f6a0650f255585de2b22024a29d23c3be04cf77794545d0bcd7790c2b71fb1ff16141d1ac155c7b59d44c53184aec936d8dcf59a854e3123a85b3ba7f6
SSDEEP: 12288:4MrUy90pkAS6LtDG/xYirKse9FTJVRuv6mM0uh19wlj:MyI7tDG/xzrKt9PVRuvnLik
Static task: static1
Behavioral task: behavioral1
Sample: 3b2d0b14c55db45a6c85a6168f7c94e5211d05660a73678adf1c9768c6379a5f.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 3b2d0b14c55db45a6c85a6168f7c94e5211d05660a73678adf1c9768c6379a5f.exe
Resource: win10-20230220-en
Malware Config
Extracted
redline
diza
83.97.73.126:19048
auth_value: 0d09b419c8bc967f91c68be4a17e92ee
Targets
Target: 3b2d0b14c55db45a6c85a6168f7c94e5211d05660a73678adf1c9768c6379a5f
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application