Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
file.exe
-
Size
376KB
-
Sample
230703-3pegrsbh3w
-
MD5
ddb937c936b89d1a719e164313cdede7
-
SHA1
5449e5c6d72c7edd04fc24e0e59117d82327e41b
-
SHA256
b30c779dfd0acab965e95a348eff3d63a2fe795ebe1046f63e603455e974b9f6
-
SHA512
9ea05ad18c6ebccb57ddf5750e0e7219d6688d5f68078921c922b23bdb4e14abdd92583215a9029a0440f347ec330691dab994742f960847a33e87654e11db6b
-
SSDEEP
6144:JbMhSW4mcFbBaFghpKuHPY8t6b4WXLiXz3G:aIW4mclBaFghAuHdQuj2
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20230703-en
Malware Config
Extracted
redline
LogsDiller Cloud (Telegram: @logsdillabot)
146.59.161.7:48080
-
auth_value
c2955ed3813a798683a185a82e949f88
Targets
-
-
Target
file.exe
-
Size
376KB
-
MD5
ddb937c936b89d1a719e164313cdede7
-
SHA1
5449e5c6d72c7edd04fc24e0e59117d82327e41b
-
SHA256
b30c779dfd0acab965e95a348eff3d63a2fe795ebe1046f63e603455e974b9f6
-
SHA512
9ea05ad18c6ebccb57ddf5750e0e7219d6688d5f68078921c922b23bdb4e14abdd92583215a9029a0440f347ec330691dab994742f960847a33e87654e11db6b
-
SSDEEP
6144:JbMhSW4mcFbBaFghpKuHPY8t6b4WXLiXz3G:aIW4mclBaFghAuHdQuj2
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-