General
- Target: 2e86d3fc5d4194ea99d9d18407169d0a4f1ef70e1f6763796aa498f55c568853
- Size: 390KB
- Sample: 230717-acpsrahd82
- MD5: a0fe69670671b4867f4a47b9532cdc78
- SHA1: efe66d739057b14127368dad47b88f3b8caefe91
- SHA256: 2e86d3fc5d4194ea99d9d18407169d0a4f1ef70e1f6763796aa498f55c568853
- SHA512: cc4509bc3ffc1a7484e06c8931c7eebeb7bfcc08a82800f0989d01a657e3ad3518369c5cdf2dffafbc3b3793e13d94bccad9e8291d08b5975dbcef1c6768a8c4
- SSDEEP: 6144:K6y+bnr+9p0yN90QEnSGcHSVvb46L6hGlxygsnnNLvYpGtxSzKswLpf42aYlzckU:aMrVy90InyVDMnNbue35BmG3L0
Tasks
- Static task: static1
- Behavioral task: behavioral1
- Sample: 2e86d3fc5d4194ea99d9d18407169d0a4f1ef70e1f6763796aa498f55c568853.exe
- Resource: win10-20230703-en
Malware Config
Extracted
- Family: amadey
- Version: 3.85
- C2: 77.91.68.3/home/love/index.php
Extracted
- Family: redline
- Botnet: zahar
- C2: 77.91.68.56:19071
- auth_value: 94c55a31fcf1761f07eeb4a0c6fb74fa
Targets
- Target: 2e86d3fc5d4194ea99d9d18407169d0a4f1ef70e1f6763796aa498f55c568853
- Size: 390KB
- MD5: a0fe69670671b4867f4a47b9532cdc78
- SHA1: efe66d739057b14127368dad47b88f3b8caefe91
- SHA256: 2e86d3fc5d4194ea99d9d18407169d0a4f1ef70e1f6763796aa498f55c568853
- SHA512: cc4509bc3ffc1a7484e06c8931c7eebeb7bfcc08a82800f0989d01a657e3ad3518369c5cdf2dffafbc3b3793e13d94bccad9e8291d08b5975dbcef1c6768a8c4
- SSDEEP: 6144:K6y+bnr+9p0yN90QEnSGcHSVvb46L6hGlxygsnnNLvYpGtxSzKswLpf42aYlzckU:aMrVy90InyVDMnNbue35BmG3L0
Signatures
- Detects Healer, an antivirus disabler dropper
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application