General
Target: 3f0c1954ba094353d98983ca0.exe
Size: 518KB
Sample: 230707-ypfydacb4y
MD5: 61d613c738b706df26c0dd7f90fe3342
SHA1: 5a9c798d5f99b39b95bc0ebeba9c062e2aeca3a8
SHA256: 3f0c1954ba094353d98983ca0bf2a6c61ca44493979a26575ba5e7c79d7fdd5d
SHA512: dfaccf35e01330457e887de24cba5824feb6e43ab49f4dc074386df5cc1b55c538698b7ffc9e2e4380429589cdfeb22b74929405c382201739539cbd334253eb
SSDEEP: 6144:RaEXZjpxfvECAFbmaklCdnQgMy7PyMbjYOkYOWRbHR6Hv+9/57wYc5KAWyEagKsV:8EXpfvfaRdnQg97DjYyNR7gvL0ffxlFb
Static task: static1
Behavioral task: behavioral1
Sample: 3f0c1954ba094353d98983ca0.exe
Resource: win7-20230703-en
Behavioral task: behavioral2
Sample: 3f0c1954ba094353d98983ca0.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
furod
77.91.68.70:19073
auth_value: d2386245fe11799b28b4521492a5879d
Targets
Target: 3f0c1954ba094353d98983ca0.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application