General
-
Target
8db980d91bda0fe2a070c2618.exe
-
Size
538KB
-
Sample
230709-naernacf68
-
MD5
0a6b3eb000b952d128586d34fd30426e
-
SHA1
356351c1a03eb4635181be92810bc44f60a676e4
-
SHA256
8db980d91bda0fe2a070c2618ea67f048334805d49fa5c7a1428f46f89e1b56a
-
SHA512
c107d747b396227530223c8ccd774e91d1f8dcb518f822394e870066f8640a9e9b2347d6665fe2bd20188ebefd6230c6c765cecd3f1620baab26081d149106aa
-
SSDEEP
6144:5Y15rR4hzwJB4INWQBS1ZpgINmiE9UO7o0FCpWUCDgTkpv4aKvuc2fSJam6wdUIx:5YF4iz4INWQBS/h3ZG/jv5KR2azZih
Static task
static1
Behavioral task
behavioral1
Sample
8db980d91bda0fe2a070c2618.exe
Resource
win7-20230703-en
Behavioral task
behavioral2
Sample
8db980d91bda0fe2a070c2618.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
furod
77.91.68.70:19073
-
auth_value
d2386245fe11799b28b4521492a5879d
Targets
-
-
Target
8db980d91bda0fe2a070c2618.exe
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-