General
- Target: ef8ff2d4d5a29b2eb234a258f3e62160f161b7a8ddb11dc7cd4822fb9a25bbd6
- Size: 721KB
- Sample: 230616-gvavwadb88
- MD5: 89113c9c8c6a95fd67c864dc3956827b
- SHA1: c5ae46b8165110a777845cf9e611814420ea7d8a
- SHA256: ef8ff2d4d5a29b2eb234a258f3e62160f161b7a8ddb11dc7cd4822fb9a25bbd6
- SHA512: c7a5dce6802d8378211fafee54ff9087d359777859dd962b53b222559b9df057429688cf61bc91f1bdffb039b6cb82c5033dd0c9b0b4cd9df22495974bbb1731
- SSDEEP: 12288:MMrNy90cqO+JOybbyIpBwx7y3xasvwJHdVlXwF0sed3FeG3RV7CmMqvFCt+Ig2iv:JyJ+/bgehx+E03bBXvK+KiUg9
Static task: static1
Malware Config
Extracted: redline
- dana
- 83.97.73.130:19061
- auth_value: da2d1691db653e49676d799e1eae2673
Extracted: amadey
- 3.84
- 77.91.68.63/doma/net/index.php
Extracted: redline
- joker
- 83.97.73.130:19061
- auth_value: a98d303cc28bb3b32a23c59214ae3bc0
Targets
- Target: ef8ff2d4d5a29b2eb234a258f3e62160f161b7a8ddb11dc7cd4822fb9a25bbd6 (721KB; hashes as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.