General
- Target: 7bcd94db81bd2698ee6d67b7bec899446b4f0ccccf86529e49ddf23813a4cceb
- Size: 389KB
- Sample: 230719-bhhgasff4w
- MD5: 280dde7a6c19b5aec29ef5fda4f3f0d9
- SHA1: 2e53178911a7ebca43f3cf8b66ddd7d4fcee5da1
- SHA256: 7bcd94db81bd2698ee6d67b7bec899446b4f0ccccf86529e49ddf23813a4cceb
- SHA512: 8d7acee8e30490166cbddfe989a282fa41b24e07e51460bfe268a8f2903a141a59fd9636561c821f425fef36cdabc4fab4bd7c292fe2a194fd68ccc76bab5d65
- SSDEEP: 6144:KJy+bnr+Dp0yN90QEEw7u+T7ERYjvDOt8zG2nUToVHRhTqDV8imd/Yeq15yV:3Mr3y90i67+EqKzxnU2QkdAeq15+
Static task
- static1
Behavioral task
- behavioral1
  - Sample: 7bcd94db81bd2698ee6d67b7bec899446b4f0ccccf86529e49ddf23813a4cceb.exe
  - Resource: win10-20230703-en
Malware Config
Extracted
- Family: redline
- Botnet: roma
- C2: 77.91.68.56:19071
- Attributes
  - auth_value: f099c2cf92834dbc554a94e1456cf576
Targets
- Target: 7bcd94db81bd2698ee6d67b7bec899446b4f0ccccf86529e49ddf23813a4cceb
- Size: 389KB
- MD5: 280dde7a6c19b5aec29ef5fda4f3f0d9
- SHA1: 2e53178911a7ebca43f3cf8b66ddd7d4fcee5da1
- SHA256: 7bcd94db81bd2698ee6d67b7bec899446b4f0ccccf86529e49ddf23813a4cceb
- SHA512: 8d7acee8e30490166cbddfe989a282fa41b24e07e51460bfe268a8f2903a141a59fd9636561c821f425fef36cdabc4fab4bd7c292fe2a194fd68ccc76bab5d65
- SSDEEP: 6144:KJy+bnr+Dp0yN90QEEw7u+T7ERYjvDOt8zG2nUToVHRhTqDV8imd/Yeq15yV:3Mr3y90i67+EqKzxnU2QkdAeq15+
Signatures
- Detects Healer, an antivirus disabler dropper
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Adds Run key to start application