General
Target: d600cc14702cc6f23185d43348286f6c50e2f76e2238584f5e7f5970cd893b95
Size: 390KB
Sample: 230717-1y7hssfg4w
MD5: 1b7d3b9ab1a1a54be030efa2b6927ec3
SHA1: 8c0a3db3ee781a25e2a0441f1199da44db3b48a1
SHA256: d600cc14702cc6f23185d43348286f6c50e2f76e2238584f5e7f5970cd893b95
SHA512: b1c1786f0a1eef2e333368b007ae2ffa7fc918b6a668a8a779d735bbc6ff251cd5f527aed0ce3878976a580733c1473e4b4ee5fce2120b4b788dae6f05321bae
SSDEEP: 6144:KNy+bnr+kp0yN90QETOfCvC1WaLUp4/nvxFCcHnlRHbbgJhyFiHdhEM7xH:rMr8y90IfCqo4/vucHnl9Qryqdh7H
Static task: static1
Behavioral task: behavioral1
Sample: d600cc14702cc6f23185d43348286f6c50e2f76e2238584f5e7f5970cd893b95.exe
Resource: win10-20230703-en
Malware Config

Extracted
amadey
3.85
77.91.68.3/home/love/index.php

Extracted
redline
roma
77.91.68.56:19071
auth_value: f099c2cf92834dbc554a94e1456cf576
Targets
Detects Healer, an antivirus disabler dropper
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application