Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3b3ed329b47e2b7162409b682aa61653.exe
-
Size
284KB
-
Sample
230630-scwkeade94
-
MD5
3b3ed329b47e2b7162409b682aa61653
-
SHA1
32c21b4e0687c88de0687b86d6215c0bf03c7373
-
SHA256
47677d1b0a154564df5f5fbf5f16e8c2dd493dc3c927ab44afaf971c0120793d
-
SHA512
b125268b3f35fe6c01b4babf5786082cf3dd3ffa733d8a92d5d3cd1d89f16a24b0923fa73a357fff4da52703bb2610bddb8acf5f9ae455cbe09ea3df430e216b
-
SSDEEP
6144:isO3VUfHU6Ps3bsmci25sndkzOYFwKBbvoEo+ciVh+d76u578C1A1EofDdxpHSqp:6QHnQLiVhc6uuEABLdb+jWrtJw7EszfG
Static task
static1
Behavioral task
behavioral1
Sample
3b3ed329b47e2b7162409b682aa61653.exe
Resource
win7-20230621-en
Malware Config
Extracted
redline
1006
176.123.9.142:14845
-
auth_value
b5da80860b093905c2bba6f9377af704
Targets
-
-
Target
3b3ed329b47e2b7162409b682aa61653.exe
-
Size
284KB
-
MD5
3b3ed329b47e2b7162409b682aa61653
-
SHA1
32c21b4e0687c88de0687b86d6215c0bf03c7373
-
SHA256
47677d1b0a154564df5f5fbf5f16e8c2dd493dc3c927ab44afaf971c0120793d
-
SHA512
b125268b3f35fe6c01b4babf5786082cf3dd3ffa733d8a92d5d3cd1d89f16a24b0923fa73a357fff4da52703bb2610bddb8acf5f9ae455cbe09ea3df430e216b
-
SSDEEP
6144:isO3VUfHU6Ps3bsmci25sndkzOYFwKBbvoEo+ciVh+d76u578C1A1EofDdxpHSqp:6QHnQLiVhc6uuEABLdb+jWrtJw7EszfG
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-