General
Target: fee1eb5968e3ced545781f6ad295bf012a14306e0ad1b5393f88146436ecf7c1
Size: 389KB
Sample: 230718-yektksdd62
MD5: aea66679bedcf753c13e13d8b210d83e
SHA1: 8c565f552097ebf3589a0343cd2e1372492c7edd
SHA256: fee1eb5968e3ced545781f6ad295bf012a14306e0ad1b5393f88146436ecf7c1
SHA512: b9d0cf08768b626bd1879f78adc74228e3d4f6bbe870dc42d4a829decd77721af38c7d49bc2513a3fa7ec80e606d8550460a0120ee861d0d0767d7b0d903ad07
SSDEEP: 6144:K/y+bnr+/p0yN90QEqxXVwV6Zz9Xr7vh259GZYX8cIa8otBj+cP7F7ak:BMr3y90YxlNzh5OF8wj9FN
Static task: static1
Behavioral task: behavioral1
Sample: fee1eb5968e3ced545781f6ad295bf012a14306e0ad1b5393f88146436ecf7c1.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
roma
77.91.68.56:19071
auth_value: f099c2cf92834dbc554a94e1456cf576
Targets
Detects Healer an antivirus disabler dropper
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application