General
- Target: cd8b376c845db49fed8314ea909d24d549e40423f5b4903453c17418e8c9aee4
- Size: 514KB
- Sample: 230718-b49gxaff96
- MD5: a67ab042c2e6b3bd76f8f1d0ecd55433
- SHA1: 69e5863bdedffcbb4696389a8136cb8721892556
- SHA256: cd8b376c845db49fed8314ea909d24d549e40423f5b4903453c17418e8c9aee4
- SHA512: a25a2931f8beeef7f4fdb15d96cb517babf6d7fd386a91f20545f691816d4f278e6a94d690e03b4ea448c13922a07eb668610e50d444cc54dcefd691df9bc43b
- SSDEEP: 12288:qMray90ESvRzl77MB5czJEX8h+NCtkRz9gIdI:IyMvRx7AB5KEX8IQkRiIS
Static task: static1
Behavioral task: behavioral1
- Sample: cd8b376c845db49fed8314ea909d24d549e40423f5b4903453c17418e8c9aee4.exe
- Resource: win10-20230703-en
Malware Config
Extracted
- amadey
- 3.85
- 77.91.68.3/home/love/index.php
Extracted
- smokeloader
- 2022
- http://77.91.68.29/fks/
Extracted
- redline
- roma
- 77.91.68.56:19071
- auth_value: f099c2cf92834dbc554a94e1456cf576
Targets
- Target: cd8b376c845db49fed8314ea909d24d549e40423f5b4903453c17418e8c9aee4
- Size: 514KB
- MD5: a67ab042c2e6b3bd76f8f1d0ecd55433
- SHA1: 69e5863bdedffcbb4696389a8136cb8721892556
- SHA256: cd8b376c845db49fed8314ea909d24d549e40423f5b4903453c17418e8c9aee4
- SHA512: a25a2931f8beeef7f4fdb15d96cb517babf6d7fd386a91f20545f691816d4f278e6a94d690e03b4ea448c13922a07eb668610e50d444cc54dcefd691df9bc43b
- SSDEEP: 12288:qMray90ESvRzl77MB5czJEX8h+NCtkRz9gIdI:IyMvRx7AB5KEX8IQkRiIS
- Detects Healer an antivirus disabler dropper
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application