Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6cf6982c96f7245e3e91d68bc9b273474c877cd08f22d9033a8640919aab5d0b
-
Size
282KB
-
Sample
230608-el73xabg84
-
MD5
d01e4cd36a49b02fbc18897c62cb514d
-
SHA1
288f9e0c6b8d7985e9937c1dacf5cf77cfaa8cf4
-
SHA256
6cf6982c96f7245e3e91d68bc9b273474c877cd08f22d9033a8640919aab5d0b
-
SHA512
ff99488a94d5e4eca700c7ec01524202a65b7cac0a33c0618758faa05680792652a07e4c83a441ffb8f13abb1f0b20eafe62fbb82e0803f55b0f54f26b99d401
-
SSDEEP
6144:/QvoWvJtO8QwvTygXUNVS4MGh1aBFrvz1xcxcWhOrtn:/UCayR1aBFrvz1xcxdOrtn
Static task
static1
Behavioral task
behavioral1
Sample
6cf6982c96f7245e3e91d68bc9b273474c877cd08f22d9033a8640919aab5d0b.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
redline
sheron
83.97.73.129:19068
-
auth_value
2d067e7e2372227d3a03b335260112e9
Targets
-
-
Target
6cf6982c96f7245e3e91d68bc9b273474c877cd08f22d9033a8640919aab5d0b
-
Size
282KB
-
MD5
d01e4cd36a49b02fbc18897c62cb514d
-
SHA1
288f9e0c6b8d7985e9937c1dacf5cf77cfaa8cf4
-
SHA256
6cf6982c96f7245e3e91d68bc9b273474c877cd08f22d9033a8640919aab5d0b
-
SHA512
ff99488a94d5e4eca700c7ec01524202a65b7cac0a33c0618758faa05680792652a07e4c83a441ffb8f13abb1f0b20eafe62fbb82e0803f55b0f54f26b99d401
-
SSDEEP
6144:/QvoWvJtO8QwvTygXUNVS4MGh1aBFrvz1xcxcWhOrtn:/UCayR1aBFrvz1xcxdOrtn
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-