General
-
Target
f331a7cf8403c3f7ab788b31f13dde59930c3752513683fec5886026ac1be899
-
Size
1.5MB
-
Sample
230713-291eascd6v
-
MD5
c9f56ff9bcae67e1879fdaa22980cb85
-
SHA1
aa932f270120aef9484c0fa76829c464ccf8d418
-
SHA256
f331a7cf8403c3f7ab788b31f13dde59930c3752513683fec5886026ac1be899
-
SHA512
70fb16a1be69c0ecc0a7a88a29b0a85402ce3f69cafdf9f74171342715f228ccb2abb55a1988f6e96ab81cc80e02dfd1a7e484c8d88133c62bc19e579faacece
-
SSDEEP
24576:vyulD1s1/VtJmCwl3ZqvUZOjQgtqEfsVcbrH+d5h69S08FKrLYJmyBM1tj1LB:6ulD6rtM4MZOjLqsSE9S0G6EA
Static task
static1
Behavioral task
behavioral1
Sample
f331a7cf8403c3f7ab788b31f13dde59930c3752513683fec5886026ac1be899.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
masha
77.91.68.48:19071
-
auth_value
55b9b39a0dae383196a4b8d79e5bb805
Targets
-
-
Target
f331a7cf8403c3f7ab788b31f13dde59930c3752513683fec5886026ac1be899
-
Detects Healer, an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-