General
-
Target
611b1da3f688d331cc598818c4376e615aaa6865b93236f8888235fd3e798116
-
Size
585KB
-
Sample
230606-m5evgadg6x
-
MD5
4ac73d61cd0321b5249266816b6a5f31
-
SHA1
94b9587c00d8846dc33e74350c4b8c329f6a628e
-
SHA256
611b1da3f688d331cc598818c4376e615aaa6865b93236f8888235fd3e798116
-
SHA512
ac388be9962984dd3291ed26a41691ad577d370c276185d0ceff0d1b8fc8f500179960c565dc90c96d77d3e1b886dff0aa69e682d6897d6aab67fc8f9e1f84a5
-
SSDEEP
12288:0Mr+y904rsUFzT6A3+BNictSnq+kORmg2uub:yyprxJT6mo1tSnq+fzub
Static task
static1
Behavioral task
behavioral1
Sample
611b1da3f688d331cc598818c4376e615aaa6865b93236f8888235fd3e798116.exe
Resource
win10v2004-20230221-en
Malware Config
Extracted
redline
diza
83.97.73.126:19048
-
auth_value
0d09b419c8bc967f91c68be4a17e92ee
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-