Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
be8289a102bbd49e9e63e3b1b332d6bc2455cc22d405c9a57e7c8af7eaa77ac2
-
Size
282KB
-
Sample
230608-bbb1yaaa78
-
MD5
b98d773562dd834e2c53c3f5f71e335e
-
SHA1
c90de73fa87e4c2ab070553193703be19f0aba23
-
SHA256
be8289a102bbd49e9e63e3b1b332d6bc2455cc22d405c9a57e7c8af7eaa77ac2
-
SHA512
134f34e1b2900d82e129d0f75899b41ed8eb69b014bb3ebf979386fd5f7da4cd891ef47361a14292247b6782fd7a52221f136b091fadb620fa2fc634e0ac6e13
-
SSDEEP
6144:4QvoWvJuXZpxwvTygXUNVS4MGh1aBFrvz1xcxcWhirt:4UcJEyR1aBFrvz1xcxdirt
Static task
static1
Behavioral task
behavioral1
Sample
be8289a102bbd49e9e63e3b1b332d6bc2455cc22d405c9a57e7c8af7eaa77ac2.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
-
auth_value
2d067e7e2372227d3a03b335260112e9
Targets
-
-
Target
be8289a102bbd49e9e63e3b1b332d6bc2455cc22d405c9a57e7c8af7eaa77ac2
-
Size
282KB
-
MD5
b98d773562dd834e2c53c3f5f71e335e
-
SHA1
c90de73fa87e4c2ab070553193703be19f0aba23
-
SHA256
be8289a102bbd49e9e63e3b1b332d6bc2455cc22d405c9a57e7c8af7eaa77ac2
-
SHA512
134f34e1b2900d82e129d0f75899b41ed8eb69b014bb3ebf979386fd5f7da4cd891ef47361a14292247b6782fd7a52221f136b091fadb620fa2fc634e0ac6e13
-
SSDEEP
6144:4QvoWvJuXZpxwvTygXUNVS4MGh1aBFrvz1xcxcWhirt:4UcJEyR1aBFrvz1xcxdirt
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-