Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
28f1280949ef97bce89613462bf5ebb3edd429cad46ebc1af6db9f3157cb787c
-
Size
261KB
-
Sample
230607-tjg62adb7v
-
MD5
303dc798316f7c2d2d7a4dfc50311f2c
-
SHA1
46735a3be51b8145119edd4c65ab57cb99080d58
-
SHA256
28f1280949ef97bce89613462bf5ebb3edd429cad46ebc1af6db9f3157cb787c
-
SHA512
9cf803eed1d315ed5f75c93df7159103b727ce42d72a9587c9aa5bd3cc738b5fe8cb0a8ecbf0349d7a478e827aaaa6a24012f647ff656ffce53fee0d85df1234
-
SSDEEP
3072:2hg7Fd1x+JRyHFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2yQHcj/:ygZd11FaQ7W05AEezbMPZFzAy2yA
Static task
static1
Behavioral task
behavioral1
Sample
28f1280949ef97bce89613462bf5ebb3edd429cad46ebc1af6db9f3157cb787c.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
-
auth_value
2d067e7e2372227d3a03b335260112e9
Targets
-
-
Target
28f1280949ef97bce89613462bf5ebb3edd429cad46ebc1af6db9f3157cb787c
-
Size
261KB
-
MD5
303dc798316f7c2d2d7a4dfc50311f2c
-
SHA1
46735a3be51b8145119edd4c65ab57cb99080d58
-
SHA256
28f1280949ef97bce89613462bf5ebb3edd429cad46ebc1af6db9f3157cb787c
-
SHA512
9cf803eed1d315ed5f75c93df7159103b727ce42d72a9587c9aa5bd3cc738b5fe8cb0a8ecbf0349d7a478e827aaaa6a24012f647ff656ffce53fee0d85df1234
-
SSDEEP
3072:2hg7Fd1x+JRyHFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2yQHcj/:ygZd11FaQ7W05AEezbMPZFzAy2yA
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-