General
Target: a14b4638a03b1aed3940efe11f1e378d.exe
Size: 261KB
Sample: 230607-xf5dyafa4y
MD5: a14b4638a03b1aed3940efe11f1e378d
SHA1: a571155a2f23d0f585031eddf2bcaa9e64e265dd
SHA256: 25e0680b5662e36ea3319eff62390153427d097238004d4b3326e793f078e3c3
SHA512: 70c23b27bae8099b3b652775544688deb2d3174efb997c4a59e71f6c0f1ff28c9087aca40dab16f1b28e6006c0cdd75bc73f39bac2b6b286b993e499c550c642
SSDEEP: 3072:Dhg73zv1GOdRyHFaQ7RQ05CTEezbClXv8r8+oFe6gobFHFzA+E+2yQHcj/:1g/v1yFaQ7W05AEezbMPZFzAy2yA
Static task: static1
Behavioral task: behavioral1 (sample a14b4638a03b1aed3940efe11f1e378d.exe, resource win7-20230220-en)
Behavioral task: behavioral2 (sample a14b4638a03b1aed3940efe11f1e378d.exe, resource win10v2004-20230220-en)
Malware Config
Extracted
Family: redline
Botnet: sheron
C2: 83.97.73.129:19068
auth_value: 2d067e7e2372227d3a03b335260112e9
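The extracted config and the file hashes above are the parts of this report that transfer directly into detection and verification work. The following Python is an added example, not part of the Triage report and not code from the RedLine family: it parses the `ip:port` C2 entry, matches it against Zeek-style conn.log rows, and checks a file's bytes against the report's digests. The conn.log rows are constructed for illustration (203.0.113.10 is a documentation address); only the hashes and the C2 are taken from the report.

```python
"""Turn the indicators in this report into reusable checks.

Added example, not part of the Triage report or of RedLine itself.
The hashes and C2 are copied from the report; the Zeek conn.log rows
are constructed for illustration and were not captured from this sample.
"""
import hashlib
import ipaddress

# Indicators taken from the report above.
C2_ENTRIES = ["83.97.73.129:19068"]
HASHES = {
    "md5": "a14b4638a03b1aed3940efe11f1e378d",
    "sha1": "a571155a2f23d0f585031eddf2bcaa9e64e265dd",
    "sha256": "25e0680b5662e36ea3319eff62390153427d097238004d4b3326e793f078e3c3",
}


def parse_c2(entry):
    """Split an extracted 'ip:port' C2 string, rejecting hostnames and bad ports."""
    host, sep, port = entry.rpartition(":")
    if not sep:
        raise ValueError(f"no port in C2 entry {entry!r}")
    ipaddress.ip_address(host)  # ValueError if this is not a literal IP address
    port_n = int(port)
    if not 0 < port_n < 65536:
        raise ValueError(f"bad port in C2 entry {entry!r}")
    return host, port_n


def match_conn_log(lines, c2_entries=C2_ENTRIES):
    """Return (ts, orig_h, resp_h, resp_p) for conn.log rows that reach a known C2.

    Matching is on the ip:port pair, not the IP alone, so the same host on a
    different port is not reported unless that pair is also in c2_entries.
    Assumed Zeek field order: ts uid id.orig_h id.orig_p id.resp_h id.resp_p ...
    """
    wanted = {parse_c2(e) for e in c2_entries}
    hits = []
    for line in lines:
        if not line or line.startswith("#"):  # skip Zeek header/comment rows
            continue
        f = line.rstrip("\n").split("\t")
        if len(f) < 6:
            continue
        try:
            key = (f[4], int(f[5]))
        except ValueError:  # malformed port field, e.g. "-"
            continue
        if key in wanted:
            hits.append((f[0], f[2], f[4], int(f[5])))
    return hits


def verify_sample(data, expected=HASHES):
    """Hash file bytes and report, per algorithm, whether they match the report's digests."""
    return {alg: hashlib.new(alg, data).hexdigest() == digest
            for alg, digest in expected.items()}


# Constructed conn.log excerpt (Zeek TSV), not captured traffic from this sample.
SAMPLE_CONN_LOG = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto",
    "1686150051.100000\tCa1\t10.0.0.15\t51234\t83.97.73.129\t19068\ttcp",
    "1686150052.200000\tCa2\t10.0.0.15\t51235\t203.0.113.10\t443\ttcp",
    "1686150053.300000\tCa3\t10.0.0.22\t51236\t83.97.73.129\t80\ttcp",
]

if __name__ == "__main__":
    for ts, src, dst, dport in match_conn_log(SAMPLE_CONN_LOG):
        print(f"{ts} {src} -> {dst}:{dport} matches the extracted RedLine C2")
    print(verify_sample(b"not the real sample"))
```

Matching on the full ip:port pair is deliberate: a config-extracted C2 is the most precise indicator a sandbox report yields, and a plain IP match would also flag unrelated traffic to a shared host. When the C2 rotates across builds, the botnet name and auth_value from the config are the values to pivot on in other reports.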
Targets
Target: a14b4638a03b1aed3940efe11f1e378d.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext. SetThreadContext is the call typically used to redirect a suspended thread into injected code (process hollowing), so any child process the sample creates should be examined together with the sample itself.