General
Target: e14c12b9703e541dc292a3c5be71f9704c5b370345da099ad757664b578fd579
Size: 921KB
Sample: 230716-jvhltsec21
MD5: 3b1a049b7dcca6ebc454f5a9c21b4d29
SHA1: 8247855a9863c5bf3ca9d929d7100c87056556ad
SHA256: e14c12b9703e541dc292a3c5be71f9704c5b370345da099ad757664b578fd579
SHA512: 42b1c74482cfdfcc03b0ddf48c1fa350aba081b1390b52b37ca3561af26173f506d00d3be00d08db858e766dfc540222f9e03a6100d4a36b9866653207b81c0a
SSDEEP: 24576:yy7FSbkfuNKjp64+9X2XYDmtpE5RC0Yrr:ZgbkfuNa1+hg2mt+Yr
Static task: static1
Behavioral task: behavioral1
Sample: e14c12b9703e541dc292a3c5be71f9704c5b370345da099ad757664b578fd579.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
lamp
77.91.68.56:19071
auth_value: ee1df63bcdbe3de70f52810d94eaff7d
Targets
Detects Healer an antivirus disabler dropper
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application