Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ff6e66003ed52c6be563ba7a8d6470735770135863e7ea3e6950b9883bdfc4bb
-
Size
388KB
-
Sample
230718-rmlyaabh61
-
MD5
c7aabe1fbaa80e3159dbb6ef29396860
-
SHA1
696e24c28afa08e6d1bd9b6745f4bff3846986c5
-
SHA256
ff6e66003ed52c6be563ba7a8d6470735770135863e7ea3e6950b9883bdfc4bb
-
SHA512
a5a84e0e8898937b0e8c285502717f157eac848d2bb35c8353d2b262c50892f86ea31d2209f188000846375d45872fdff238edb66d53ddba1372a50c5aba7a78
-
SSDEEP
6144:KGy+bnr+wp0yN90QEawwwbwgaNmRAwcuQ9Ckz5o4QdUSI92P9JVyqMjD:OMroy908obwBsVm9CkzO4QdS9S9yz3
Static task
static1
Behavioral task
behavioral1
Sample
ff6e66003ed52c6be563ba7a8d6470735770135863e7ea3e6950b9883bdfc4bb.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
roma
77.91.68.56:19071
-
auth_value
f099c2cf92834dbc554a94e1456cf576
Targets
-
-
Target
ff6e66003ed52c6be563ba7a8d6470735770135863e7ea3e6950b9883bdfc4bb
-
Size
388KB
-
MD5
c7aabe1fbaa80e3159dbb6ef29396860
-
SHA1
696e24c28afa08e6d1bd9b6745f4bff3846986c5
-
SHA256
ff6e66003ed52c6be563ba7a8d6470735770135863e7ea3e6950b9883bdfc4bb
-
SHA512
a5a84e0e8898937b0e8c285502717f157eac848d2bb35c8353d2b262c50892f86ea31d2209f188000846375d45872fdff238edb66d53ddba1372a50c5aba7a78
-
SSDEEP
6144:KGy+bnr+wp0yN90QEawwwbwgaNmRAwcuQ9Ckz5o4QdUSI92P9JVyqMjD:OMroy908obwBsVm9CkzO4QdS9S9yz3
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-