Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
bda9121d23eb12a438387cb5d08279fe63c4895836fe01600007b06239a7b19b
-
Size
262KB
-
Sample
230607-pf6m1aac38
-
MD5
1ae2d63509750380130d21bd036d9dd0
-
SHA1
941edd6f8cf9a858e4b2cbb5c1d612fbcd800aaa
-
SHA256
bda9121d23eb12a438387cb5d08279fe63c4895836fe01600007b06239a7b19b
-
SHA512
b38c559752bb6a08de78de74a1506c1dbf2900b2b53cb3b1630ada0157d50092e5b43265a39f1cd487a8f78f835381cb9cb581e8c3de2730056ae7bb5712fb0e
-
SSDEEP
3072:3x/Q1dYeyVyXFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2SUHcj/:h/Q1CAFaQ7W05AEezbMPZFzAy2Sc
Static task
static1
Behavioral task
behavioral1
Sample
bda9121d23eb12a438387cb5d08279fe63c4895836fe01600007b06239a7b19b.exe
Resource
win10-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
-
auth_value
2d067e7e2372227d3a03b335260112e9
Targets
-
-
Target
bda9121d23eb12a438387cb5d08279fe63c4895836fe01600007b06239a7b19b
-
Size
262KB
-
MD5
1ae2d63509750380130d21bd036d9dd0
-
SHA1
941edd6f8cf9a858e4b2cbb5c1d612fbcd800aaa
-
SHA256
bda9121d23eb12a438387cb5d08279fe63c4895836fe01600007b06239a7b19b
-
SHA512
b38c559752bb6a08de78de74a1506c1dbf2900b2b53cb3b1630ada0157d50092e5b43265a39f1cd487a8f78f835381cb9cb581e8c3de2730056ae7bb5712fb0e
-
SSDEEP
3072:3x/Q1dYeyVyXFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2SUHcj/:h/Q1CAFaQ7W05AEezbMPZFzAy2Sc
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-