General
Target: 0670c6cac5eae39538b6dd0941a29155d3d1bfab1f08e07ca1a1f0e4b6a4fc50
Size: 261KB
Sample: 230607-rmfq9sca8y
MD5: 29d077e4e9b6e5f190b0df43141e47e5
SHA1: f7a68cb575d45f625afffadb473680d1dd47dd8b
SHA256: 0670c6cac5eae39538b6dd0941a29155d3d1bfab1f08e07ca1a1f0e4b6a4fc50
SHA512: a1ff348564154e5fd4158465ae641eb22d3029540554f54e3d568749d4113393e57deb99dee5989ba198eafa070cef32743d2787faa147e2782c1699c9671e77
SSDEEP: 3072:Ghg7FG1X+lRyHFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2yQHcj/:igpG1HFaQ7W05AEezbMPZFzAy2yA
Static task: static1
Behavioral task: behavioral1
Sample: 0670c6cac5eae39538b6dd0941a29155d3d1bfab1f08e07ca1a1f0e4b6a4fc50.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted family: redline
Botnet: sheron
C2: 83.97.73.129:19068
auth_value: 2d067e7e2372227d3a03b335260112e9
Targets
Target: 0670c6cac5eae39538b6dd0941a29155d3d1bfab1f08e07ca1a1f0e4b6a4fc50
Score: 10/10
Family: RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures:
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext