General
Target: 5461b2ea5f397c9dffba0bf58e4b4a77.bin
Size: 1.3MB
Sample: 230712-bqjpbsbd95
MD5: 3fc9f2b6b2dfe4f6202506e738c61a56
SHA1: 05bac3eb7f26d531e87ca0e6469a3db7f9b4d70c
SHA256: 7fd190439f0ae37e1f774f163eaa9d28a826b8834f3978882222a63d9d220f23
SHA512: e87e1d5ee6bbaac089585badcf23781514631cb7dc664d098b94f1a6cc0be228a24f1054a3f1fd3692fb23104f5450a6df60faf530d2a666675bf5d67ba23623
SSDEEP: 24576:c1ZpIcu3sQmslL1suMk67atQqM8SHIYWVlSweOxMnmPns989KB0mB3b6q:WrIc+V1jMkttQ9WzSweOamPnCI40O1
Static task: static1
Behavioral task: behavioral1
Sample: 26bc3d8b0c6cd099d29f18e481d101c5be5b49db9655a0eb2cc339f9721b77ae.exe
Resource: win7-20230703-en
Behavioral task: behavioral2
Sample: 26bc3d8b0c6cd099d29f18e481d101c5be5b49db9655a0eb2cc339f9721b77ae.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
kira
77.91.68.48:19071
auth_value: 1677a40fd8997eb89377e1681911e9c6
Targets
Target: 26bc3d8b0c6cd099d29f18e481d101c5be5b49db9655a0eb2cc339f9721b77ae.exe
Size: 1.3MB
MD5: 5461b2ea5f397c9dffba0bf58e4b4a77
SHA1: 4aa5824c71de814f76a2c18f0ebccc0d47d1269f
SHA256: 26bc3d8b0c6cd099d29f18e481d101c5be5b49db9655a0eb2cc339f9721b77ae
SHA512: d7d79de2545ef38d463b3c3d75f1bf7267727f5fcf35fa183cf2fe2b529b58a96ca5e436f08fb3684c3651b6fd690215578eece22f693d323b69f6811dc45c36
SSDEEP: 24576:bE47kOUEfJvETlpqftmHioiS+yvk3RZAdBbVTb34k30/8dRi9:bEq5PfJvExMftmHzO0khZApykji9
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application