Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c17a7b0af9751e9ab09b9f310ced898ffaaabac1b27cba0eacf98ff1e9e8221f
-
Size
389KB
-
Sample
230719-11gp6abd87
-
MD5
01e3a8c5b6c3afac4de6f92c0d3a7c25
-
SHA1
18e4d2253bed0870dfe7a0748f870669da38d135
-
SHA256
c17a7b0af9751e9ab09b9f310ced898ffaaabac1b27cba0eacf98ff1e9e8221f
-
SHA512
8cc4b13224fc0e0d2b8ae51dd69bbcc5a81d587169c5d11c8aa85ffa1e81ed32ef0f1f8bf61699b9b9013f0c49afe19a11260cec20fdc2a7a4c80229fd8831ee
-
SSDEEP
6144:K4y+bnr+Lp0yN90QEeDXB3hT7oRYIjDn5n0xEvm6SsgUExhhxSQQJx6AF6r:cMrXy908Db7ShWEvm6SDfhxSQYF6r
Static task
static1
Behavioral task
behavioral1
Sample
c17a7b0af9751e9ab09b9f310ced898ffaaabac1b27cba0eacf98ff1e9e8221f.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
nasa
77.91.68.68:19071
-
auth_value
6da71218d8a9738ea3a9a78b5677589b
Targets
-
-
Target
c17a7b0af9751e9ab09b9f310ced898ffaaabac1b27cba0eacf98ff1e9e8221f
-
Size
389KB
-
MD5
01e3a8c5b6c3afac4de6f92c0d3a7c25
-
SHA1
18e4d2253bed0870dfe7a0748f870669da38d135
-
SHA256
c17a7b0af9751e9ab09b9f310ced898ffaaabac1b27cba0eacf98ff1e9e8221f
-
SHA512
8cc4b13224fc0e0d2b8ae51dd69bbcc5a81d587169c5d11c8aa85ffa1e81ed32ef0f1f8bf61699b9b9013f0c49afe19a11260cec20fdc2a7a4c80229fd8831ee
-
SSDEEP
6144:K4y+bnr+Lp0yN90QEeDXB3hT7oRYIjDn5n0xEvm6SsgUExhhxSQQJx6AF6r:cMrXy908Db7ShWEvm6SDfhxSQYF6r
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-