General
Target: 647feb7cc1e57303bad08c158.exe
Size: 517KB
Sample: 230708-k9jm4see5w
MD5: a839b1433c6cf133a9146a84dcf15a88
SHA1: 278fdc62902264e6f5a759a1779c1282c68436d5
SHA256: 647feb7cc1e57303bad08c1584526218fa1564b1c56d6edfe999486bddcc90ac
SHA512: 621961ef07994499787d4c933cbbb0cd9e3b96372923a963a8a3202c720d5eec16d2d0e828227d37c29bec292b3281c0bf60cd256901709ac9e9ec79d87091ca
SSDEEP: 12288:xf7afvbaRdnQgU+ps4QKrnPQE7mMSNYrHB4VUzSh:xf7wvb82gRu4Q6QEGYVYaSh
Static task: static1
Behavioral task: behavioral1
Sample: 647feb7cc1e57303bad08c158.exe
Resource: win7-20230703-en
Behavioral task: behavioral2
Sample: 647feb7cc1e57303bad08c158.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
furod
77.91.68.70:19073
auth_value: d2386245fe11799b28b4521492a5879d
Targets
Target: 647feb7cc1e57303bad08c158.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application