General
Target: 8eaa8200ae1edab74652da8c3.exe
Size: 514KB
Sample: 230709-tlh64sec79
MD5: 8eaa8200ae1edab74652da8c3db0b8e0
SHA1: 817310ecc48861a9a52f83321090e5bd33c78f14
SHA256: df69d2c8a41a796c33d7a623977ef8a4d4b85cb02b9907fa3ce1c7e777837966
SHA512: ca623502fcd9e8f28096ac3b58261914150cf0de2fd4bf5156b595c7cf87a526417987c8fc825b67c70d3495ff970b391ea9bfd52aacd65a259d8e8057400e0c
SSDEEP: 12288:Sob/GfvfaRdnQgfdj16fH/xcK3FH0fIp30n:SI/cvf82gfCfH/x9VH0Qp30n
Static task: static1
Behavioral task: behavioral1
Sample: 8eaa8200ae1edab74652da8c3.exe
Resource: win7-20230703-en
Behavioral task: behavioral2
Sample: 8eaa8200ae1edab74652da8c3.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
furod
77.91.68.70:19073
auth_value: d2386245fe11799b28b4521492a5879d
Targets
Target: 8eaa8200ae1edab74652da8c3.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application