General
Target: 4ba92c4c1427104fa0a351a9c495d3b489750af658ebaf00f2cb482d2945715c
Size: 389KB
Sample: 230719-25v9sabf62
MD5: 26a312d79214d0a1f7ae79436fc0d08c
SHA1: 8b1e66d7fcde8f1bc3878ad8ef0485c84c33c462
SHA256: 4ba92c4c1427104fa0a351a9c495d3b489750af658ebaf00f2cb482d2945715c
SHA512: 583c51ff82d8d79d8a303d6b5a5b3719957723f50ce6714a177b476109ca3897ee02d41ee6ca1482af08feeaea2a6f5050bb6e963019013766926e0184ec6280
SSDEEP: 12288:cMrby90e+K7Y/p/io1Y7FcHeeFb3T3VJN3:ny4ywx1RJFb3T3F3
Static task: static1
Behavioral task: behavioral1
Sample: 4ba92c4c1427104fa0a351a9c495d3b489750af658ebaf00f2cb482d2945715c.exe
Resource: win10-20230703-en
Malware Config
Extracted
redline
nasa
77.91.68.68:19071
-
auth_value
6da71218d8a9738ea3a9a78b5677589b
Targets
Target
4ba92c4c1427104fa0a351a9c495d3b489750af658ebaf00f2cb482d2945715c
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-