General
Target: a6c67445353ae59cb66249db005dd08e7e1eb2f578a3b336e70eba534c4cf712
Size: 282KB
Sample: 230608-a652tsaa33
MD5: 326a1c7535fc4788290c59cc84200e0d
SHA1: b2c30db231fa97488a34976041dae89e0a7c5f43
SHA256: a6c67445353ae59cb66249db005dd08e7e1eb2f578a3b336e70eba534c4cf712
SHA512: f6c2379c64ba680a80b0f2d2fa2ab09e232f878a37716feb7ea7cf5c8432c8fa155656e4970f6c9cdd470352e3198ec3bb7ef73fa09f828f1164edfdf311fe24
SSDEEP: 6144:8QvoWvJr4XV3wvTygXUNVS4MGh1aBFrvz1xcxcWhcrt:8UNaKyR1aBFrvz1xcxdcrt
Static task: static1
Behavioral task: behavioral1
Sample: a6c67445353ae59cb66249db005dd08e7e1eb2f578a3b336e70eba534c4cf712.exe
Resource: win10-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
auth_value: 2d067e7e2372227d3a03b335260112e9
Targets
Target: a6c67445353ae59cb66249db005dd08e7e1eb2f578a3b336e70eba534c4cf712
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext