Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3d3ef1ec8a0681de9038a857381d9cb83014c3723083e3f2ca05ba2214a1607b
-
Size
733KB
-
Sample
230616-rn8hnsfd23
-
MD5
3e20d33d0da00f7c9f7532cbd220cfde
-
SHA1
26889d676f341d3d3372b7e7b2132e4eb6a226f9
-
SHA256
3d3ef1ec8a0681de9038a857381d9cb83014c3723083e3f2ca05ba2214a1607b
-
SHA512
4036ee64a78401033657b277bc36ca2196cf0cf06c9751bb4b86577b07a95da3db87fe0170f6937fb2560f629dab0bfcb4c1ba03c916a9d6fdcdb4c4e7da6d1f
-
SSDEEP
12288:hMrry90ycvomkV2OyIcGITX5QUyKITJvVVjZE28Dgw/JsX5BAqc1xf23A9:Oy2rkUOylVTXsKITJvbjZEDEwRaDcDOK
Static task
static1
Malware Config
Extracted
redline
dana
83.97.73.130:19061
-
auth_value
da2d1691db653e49676d799e1eae2673
Extracted
amadey
3.84
77.91.68.63/doma/net/index.php
Extracted
redline
grega
83.97.73.130:19061
-
auth_value
16e2fbc2847b2270b3f0679e2dd76c8d
Targets
-
-
Target
3d3ef1ec8a0681de9038a857381d9cb83014c3723083e3f2ca05ba2214a1607b
-
Size
733KB
-
MD5
3e20d33d0da00f7c9f7532cbd220cfde
-
SHA1
26889d676f341d3d3372b7e7b2132e4eb6a226f9
-
SHA256
3d3ef1ec8a0681de9038a857381d9cb83014c3723083e3f2ca05ba2214a1607b
-
SHA512
4036ee64a78401033657b277bc36ca2196cf0cf06c9751bb4b86577b07a95da3db87fe0170f6937fb2560f629dab0bfcb4c1ba03c916a9d6fdcdb4c4e7da6d1f
-
SSDEEP
12288:hMrry90ycvomkV2OyIcGITX5QUyKITJvVVjZE28Dgw/JsX5BAqc1xf23A9:Oy2rkUOylVTXsKITJvbjZEDEwRaDcDOK
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-