General
- Target: 9d46f19ed7d03ccb640e5c9a0d4c6366d4996241d9f7fdf19438d917cfc7bfb7
- Size: 282KB
- Sample: 230608-cmq5nsag82
- MD5: 5da1708c0b6f0135f27263a38eb66bcb
- SHA1: 86c0c55c06c2ee3795905af3cda2a8f9028ae5f0
- SHA256: 9d46f19ed7d03ccb640e5c9a0d4c6366d4996241d9f7fdf19438d917cfc7bfb7
- SHA512: 11ed64892e6216049f668c2af85d8cee0c415159adaa1727ddb50854725d99bab672253561b92fcaebdf7d2ee122223296964c5dbaa404c017442af70fe1ef39
- SSDEEP: 6144:XQvoWvJxQXjwvTygXUNVS4MGh1aBFrvz1xcxcWhUrtd:XU04yR1aBFrvz1xcxdUrtd
Static task: static1
Behavioral task: behavioral1
- Sample: 9d46f19ed7d03ccb640e5c9a0d4c6366d4996241d9f7fdf19438d917cfc7bfb7.exe
- Resource: win10v2004-20230220-en
Malware Config
Extracted
- redline
- sheron
- 83.97.73.129:19068
- auth_value: 2d067e7e2372227d3a03b335260112e9
Targets
- Target: 9d46f19ed7d03ccb640e5c9a0d4c6366d4996241d9f7fdf19438d917cfc7bfb7
- Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext