General
Target: DawnLand6.exe
Size: 10.0MB
Sample: 230706-v9fassdf27
MD5: 9fa3180810afbbb9f999e5239027fdec
SHA1: 3c3610842d1bb832cf8a422714da529708a8e6ec
SHA256: 6b937ac8b7f889100cf86a34f74ff2fbdba7b072822026ab275d2a5ee6b7b650
SHA512: 04e411cd7114b0904576f33bcb02d876136a035fcbed5ec71728e426d0fbd37d8ee0896113036745bc452482771df918885b6b0e829c49b17bf46687bc9c47d8
SSDEEP: 3072:hca9VP4bW3TRHuTMGidsptIGT31qrIf//3x5cJKy9g/kdLUVgKuOiyb:hxP44Huwc31qrw/fx5uRdLAgKu58
Static task: static1
Behavioral task: behavioral1
Sample: DawnLand6.exe
Resource: win7-20230703-en
Behavioral task: behavioral2
Sample: DawnLand6.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
DAwnLand
212.113.116.143:23052
auth_value: 8fc5b8d18171bebfcf117ba0aad639d2
Targets
Target: DawnLand6.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext