General
Target: 400c9c607756481252a7af2454dc1184049d6976063ea908c1f98564ffbe9d4a
Size: 989KB
Sample: 230711-2n1g6sca3w
MD5: caa77db1d9e91c03420de42d0881b211
SHA1: 6adec40078a6253bbd06cbfa728ff4518355ac59
SHA256: 400c9c607756481252a7af2454dc1184049d6976063ea908c1f98564ffbe9d4a
SHA512: aecb982c6ea0b3b875302fe39b0292624660463b57af51e97acf37c735f84f40512de6baec82e8fdfb357defb45a6cae4c9f6210719822e039f5c32bd3b45649
SSDEEP: 24576:1yl5k1tfjHfabqFIr8iHlOi6JIni5NWxlOhD:Q/qtrHf7C8oAirnCAxlO
Static task: static1
Behavioral task: behavioral1
Sample: 400c9c607756481252a7af2454dc1184049d6976063ea908c1f98564ffbe9d4a.exe
Resource: win7-20230703-en
Behavioral task: behavioral2
Sample: 400c9c607756481252a7af2454dc1184049d6976063ea908c1f98564ffbe9d4a.exe
Resource: win10-20230703-en
Malware Config
Extracted
redline
kira
77.91.68.48:19071
auth_value: 1677a40fd8997eb89377e1681911e9c6
Targets
Detects Healer, an antivirus disabler dropper
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application