General

Target: 2a716d9b426f4134261b0cc4e24118cc76d2961f52967909d41fd2a514ed6cd8
Size: 514KB
Sample: 230718-z53bzseg9s
MD5: 1af30fe043bd2a37aa98098d43b9479a
SHA1: 4a3cdc1bcd21d9aa33f6d4882c897d20e54913c3
SHA256: 2a716d9b426f4134261b0cc4e24118cc76d2961f52967909d41fd2a514ed6cd8
SHA512: f0044a17881be3ef1d77f7e64e395e4bc4c813f9cc1900e3f6b2bb202cd7b72f6f7b9ebc1dd43cb5d5a5fb14407e64e51d08f7405ba8a4aac27f25680db483b5
SSDEEP: 12288:zMr/y90KmOtE7r94BHx2g7paPG/nLCnT5Oc2wnugT:gyLmNOHwApa2Wn52TM
Static task: static1
Behavioral task: behavioral1
  Sample: 2a716d9b426f4134261b0cc4e24118cc76d2961f52967909d41fd2a514ed6cd8.exe
  Resource: win10-20230703-en
Malware Config

Extracted: amadey
  Version: 3.85
  C2: 77.91.68.3/home/love/index.php
Extracted: smokeloader
  Version: 2022
  C2: http://77.91.68.29/fks/
Extracted: redline
  Botnet: roma
  C2: 77.91.68.56:19071
  auth_value: f099c2cf92834dbc554a94e1456cf576
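The three extracted configurations give one network indicator each, but in three different spellings: a bare host and path (Amadey), a full URL (SmokeLoader) and a raw host:port (RedLine, which does not speak HTTP to its C2). The Python below is an added example, not part of the tria.ge report: it normalises the three values into host, port and path and runs them over proxy/firewall log lines. Only the C2 values come from the report; the log line format, the log lines themselves and the internal addresses are constructed for the example.

```python
"""Turn the C2 values extracted from this sample into network indicators and
match them against egress log lines.

Added example; the log format and sample lines are constructed, only the C2
values are taken from the report."""
import re
from urllib.parse import urlsplit

# C2 values exactly as the report lists them.
EXTRACTED_CONFIGS = [
    {"family": "amadey", "version": "3.85", "c2": "77.91.68.3/home/love/index.php"},
    {"family": "smokeloader", "version": "2022", "c2": "http://77.91.68.29/fks/"},
    {"family": "redline", "botnet": "roma", "c2": "77.91.68.56:19071"},
]


def parse_c2(c2):
    """Normalise host/path, full URL and host:port into (host, port, path).

    path is None for a raw TCP endpoint (the RedLine host:port), where a URL
    path is meaningless and host+port alone is the beacon."""
    # Prefix '//' so urlsplit treats a scheme-less value's first part as netloc.
    parts = urlsplit(c2 if "://" in c2 else "//" + c2)
    if parts.port is not None:
        return parts.hostname, parts.port, parts.path or None
    return parts.hostname, (443 if parts.scheme == "https" else 80), parts.path or "/"


INDICATORS = []
for cfg in EXTRACTED_CONFIGS:
    host, port, path = parse_c2(cfg["c2"])
    INDICATORS.append({**cfg, "host": host, "port": port, "path": path})

# Constructed log format: "<ts> <src> -> <dst>:<port> <method> <url-or-dash>".
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) -> (?P<dst>[^:\s]+):(?P<port>\d+) (?P<method>\S+) (?P<url>\S+)$"
)


def match_line(line):
    """Return (confidence, family) for a log line that touches C2
    infrastructure, or None. Exact URL or host:port is 'high'; the same host
    on another path or port is 'medium' (shared infrastructure, not the
    beacon itself)."""
    m = LOG_RE.match(line)
    if not m:
        return None
    dst, port = m["dst"], int(m["port"])
    path = urlsplit(m["url"]).path if m["url"] != "-" else None
    for ioc in INDICATORS:
        if dst != ioc["host"]:
            continue
        exact = port == ioc["port"] and (ioc["path"] is None or path == ioc["path"])
        return ("high" if exact else "medium", ioc["family"])
    return None


def scan(lines):
    """Run the indicators over log lines; return (src, family, confidence) hits."""
    hits = []
    for line in lines:
        res = match_line(line)
        if res:
            hits.append((line.split()[1], res[1], res[0]))
    return hits


def compromised_sources(hits):
    """Internal addresses with at least one high-confidence beacon, sorted."""
    return sorted({src for src, _, conf in hits if conf == "high"})


# Constructed sample log (hypothetical internal hosts and timestamps).
SAMPLE_LOG = [
    "2023-07-18T20:05:11Z 10.0.0.15 -> 77.91.68.3:80 POST http://77.91.68.3/home/love/index.php",
    "2023-07-18T20:05:13Z 10.0.0.15 -> 77.91.68.29:80 POST http://77.91.68.29/fks/",
    "2023-07-18T20:05:20Z 10.0.0.15 -> 77.91.68.56:19071 TCP -",
    "2023-07-18T20:06:00Z 10.0.0.22 -> 142.250.74.46:443 GET https://www.example.com/",
    "2023-07-18T20:06:07Z 10.0.0.15 -> 77.91.68.3:80 GET http://77.91.68.3/home/love/extra",
]

if __name__ == "__main__":
    for src, family, confidence in scan(SAMPLE_LOG):
        print(f"{src} -> {family} ({confidence})")
    print("beaconing hosts:", compromised_sources(scan(SAMPLE_LOG)))
```

The medium tier matters in practice: a second request to 77.91.68.3 on a different path is how Amadey fetches follow-on payloads, so a same-host hit is worth a look even when it is not the index.php beacon.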
Targets

Target: 2a716d9b426f4134261b0cc4e24118cc76d2961f52967909d41fd2a514ed6cd8
Size: 514KB (MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)

Signatures:
  - Detects Healer, an antivirus disabler dropper
  - RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  - Downloads MZ/PE file
  - Executes dropped EXE
  - Loads dropped DLL
  - Adds Run key to start application
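Three of the signatures above are plain host-event correlations: a process started from a file the sample wrote earlier, a DLL loaded from such a file, and a value set under a Run key. The Python below is an added example, not part of the report, of how that correlation looks over an endpoint event stream. The events are constructed in a simplified form of Sysmon's fields (EventID 1 ProcessCreate, 7 ImageLoad, 11 FileCreate, 13 RegistryEvent); every path, process name and registry value in the sample trace is hypothetical.

```python
"""Correlate endpoint events into the behaviours the report flags:
'Executes dropped EXE', 'Loads dropped DLL', 'Adds Run key to start application'.

Added example; events below are constructed and use a simplified subset of
Sysmon field names. Paths and names are hypothetical."""
import re

# Matches HKLM/HKU ...\Software\Microsoft\Windows\CurrentVersion\Run(Once)\<value>
RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\", re.IGNORECASE)


def norm(path):
    """Case-insensitive, backslash-normalised path key."""
    return path.lower().replace("/", "\\")


def detect_behaviours(events):
    """Return (behaviour, detail) tuples in event order.

    A file written during the trace (EventID 11) that is later executed
    (EventID 1) or loaded as an image (EventID 7) is a dropped EXE/DLL; a
    value written under Run/RunOnce (EventID 13) is persistence."""
    dropped = {}  # normalised path -> image that wrote it
    findings = []
    for ev in events:
        eid = ev["EventID"]
        if eid == 11:
            dropped[norm(ev["TargetFilename"])] = ev["Image"]
        elif eid == 1 and norm(ev["Image"]) in dropped:
            findings.append(("Executes dropped EXE",
                             f'{ev["Image"]} (written by {dropped[norm(ev["Image"])]})'))
        elif eid == 7 and norm(ev["ImageLoaded"]) in dropped:
            findings.append(("Loads dropped DLL",
                             f'{ev["Image"]} loaded {ev["ImageLoaded"]}'))
        elif eid == 13 and RUN_KEY_RE.search(ev["TargetObject"]):
            findings.append(("Adds Run key to start application",
                             f'{ev["TargetObject"]} = {ev["Details"]}'))
    return findings


# Constructed trace: the sample drops a second EXE and a DLL, runs the EXE,
# which loads the DLL and registers itself under HKCU Run.
SAMPLE_EVENTS = [
    {"EventID": 1, "Image": r"C:\Users\user\Desktop\sample.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 11, "Image": r"C:\Users\user\Desktop\sample.exe",
     "TargetFilename": r"C:\Users\user\AppData\Local\Temp\stage2.exe"},
    {"EventID": 11, "Image": r"C:\Users\user\Desktop\sample.exe",
     "TargetFilename": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"EventID": 1, "Image": r"C:\Users\user\AppData\Local\Temp\stage2.exe",
     "ParentImage": r"C:\Users\user\Desktop\sample.exe"},
    {"EventID": 7, "Image": r"C:\Users\user\AppData\Local\Temp\stage2.exe",
     "ImageLoaded": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"EventID": 13, "Image": r"C:\Users\user\AppData\Local\Temp\stage2.exe",
     "TargetObject": r"HKU\S-1-5-21-1000\Software\Microsoft\Windows\CurrentVersion\Run\stage2",
     "Details": r"C:\Users\user\AppData\Local\Temp\stage2.exe"},
    {"EventID": 1, "Image": r"C:\Windows\System32\notepad.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
]

if __name__ == "__main__":
    for behaviour, detail in detect_behaviours(SAMPLE_EVENTS):
        print(f"{behaviour}: {detail}")
```

Keying the dropped-file table on the normalised path is what keeps the rule from missing a file written as `Temp\stage2.exe` and executed as `TEMP\STAGE2.EXE`; Windows paths are case-insensitive and sandboxes and EDR agents do not always report them the same way.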