General
-
Target
05e598017633571946677f40b56275d81c4f591428fe51a7c77e8cba53a97218
-
Size
583KB
-
Sample
230616-tbreqsfd6y
-
MD5
d51224c90f24410eea55e3c47773289c
-
SHA1
3a13a8adbaf0a273e7ffc1ac0370c1a754b7f950
-
SHA256
05e598017633571946677f40b56275d81c4f591428fe51a7c77e8cba53a97218
-
SHA512
e47c7018f34d77f3e3f697b0d1d01dbc1e5d594a87546a6f018ed638ad349274f2384a4c827965611c053a6f2e4da722aba28b4a3fe886c450254e08bc0a20ce
-
SSDEEP
12288:5Mrdy90XhMagpXyIoTm54VShfekHZVgT+yE2zvcLT:0yASPyxm54VvkHZVgT+yEuELT
Static task
static1
Malware Config
Extracted
redline
dana
83.97.73.130:19061
-
auth_value
da2d1691db653e49676d799e1eae2673
Extracted
amadey
3.84
77.91.68.63/doma/net/index.php
Extracted
redline
grega
83.97.73.130:19061
-
auth_value
16e2fbc2847b2270b3f0679e2dd76c8d
Targets
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-