General
Target: 037cba00bb14891c6e6f91d115b7205721eeefb3464c6.exe
Size: 517KB
Sample: 230707-wz667sbe2t
MD5: 7f170afae905d5b0c992931753cdf377
SHA1: b13968b4ffa1c8a425553a137b36892a9386f851
SHA256: 037cba00bb14891c6e6f91d115b7205721eeefb3464c60dbef6a9dd374accd92
SHA512: 65dcb5853a95e71b7d18c1c9a9e63629e57e54ed4e49ce3b0582a72bef2e0fa5308569700ce9467802422ed4129f72706580eac710a42231bd3322924291705a
SSDEEP: 12288:Dwr5fvvaRdnQgFx56nfKcanmICbqvmcO/v+:Dwr1vv82gFLw64bqvaH+
Static task: static1
Behavioral task: behavioral1
Sample: 037cba00bb14891c6e6f91d115b7205721eeefb3464c6.exe
Resource: win7-20230703-en
Behavioral task: behavioral2
Sample: 037cba00bb14891c6e6f91d115b7205721eeefb3464c6.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
furod
77.91.68.70:19073
auth_value: d2386245fe11799b28b4521492a5879d
Targets
Target: 037cba00bb14891c6e6f91d115b7205721eeefb3464c6.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application