Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1c68ce28314da27a47c76babcecc34110dda515ccce168ae7e1a244ab9deb87d
-
Size
261KB
-
Sample
230607-sdde8ace71
-
MD5
cc4105d822890b98223c933e3b48cdd9
-
SHA1
b9439db785c9a26302e9e15394354a845ab7444e
-
SHA256
1c68ce28314da27a47c76babcecc34110dda515ccce168ae7e1a244ab9deb87d
-
SHA512
98aa6ed61de19681c097ea157965f316e8b59cd234d32257a584a21847fd59478c63040cdd878dde0089a6c0e9b28febb1cf1039a4784f270acbc31c28578f99
-
SSDEEP
3072:xhg7i1SNEWOtRyHFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2yQHcj/:XgW1eFaQ7W05AEezbMPZFzAy2yA
Static task
static1
Behavioral task
behavioral1
Sample
1c68ce28314da27a47c76babcecc34110dda515ccce168ae7e1a244ab9deb87d.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
-
auth_value
2d067e7e2372227d3a03b335260112e9
Targets
-
-
Target
1c68ce28314da27a47c76babcecc34110dda515ccce168ae7e1a244ab9deb87d
-
Size
261KB
-
MD5
cc4105d822890b98223c933e3b48cdd9
-
SHA1
b9439db785c9a26302e9e15394354a845ab7444e
-
SHA256
1c68ce28314da27a47c76babcecc34110dda515ccce168ae7e1a244ab9deb87d
-
SHA512
98aa6ed61de19681c097ea157965f316e8b59cd234d32257a584a21847fd59478c63040cdd878dde0089a6c0e9b28febb1cf1039a4784f270acbc31c28578f99
-
SSDEEP
3072:xhg7i1SNEWOtRyHFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2yQHcj/:XgW1eFaQ7W05AEezbMPZFzAy2yA
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-