Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
83033d4f85de4e7df83c4cba30ef9c1a960e8aeb15660f7ea55c7a2d623da803
-
Size
390KB
-
Sample
230719-ds4hmagb5y
-
MD5
0bf5419bf8ee03aa4662c39a58fc024c
-
SHA1
570d157e4d29bd3ab2f1cc64245388ccd9c6517f
-
SHA256
83033d4f85de4e7df83c4cba30ef9c1a960e8aeb15660f7ea55c7a2d623da803
-
SHA512
6eaeee98285b86058391263e6f15c8f7e9f392b6ab850e39fdcc8dea64fae3e5163a5895184fefdf54b1aca34927cb0920d6acdcbe4b51a74f4e6a0113a8cff3
-
SSDEEP
6144:Kfy+bnr+4p0yN90QEztbWn2qkWcnZNbQR5nQ4K5cCdb5YVlol+Qb4w/a1Lk:JMrEy90Rwn2zmEl+f1Lk
Static task
static1
Behavioral task
behavioral1
Sample
83033d4f85de4e7df83c4cba30ef9c1a960e8aeb15660f7ea55c7a2d623da803.exe
Resource
win10-20230703-en
Malware Config
Extracted
amadey
3.85
77.91.68.3/home/love/index.php
Extracted
redline
roma
77.91.68.56:19071
-
auth_value
f099c2cf92834dbc554a94e1456cf576
Targets
-
-
Target
83033d4f85de4e7df83c4cba30ef9c1a960e8aeb15660f7ea55c7a2d623da803
-
Size
390KB
-
MD5
0bf5419bf8ee03aa4662c39a58fc024c
-
SHA1
570d157e4d29bd3ab2f1cc64245388ccd9c6517f
-
SHA256
83033d4f85de4e7df83c4cba30ef9c1a960e8aeb15660f7ea55c7a2d623da803
-
SHA512
6eaeee98285b86058391263e6f15c8f7e9f392b6ab850e39fdcc8dea64fae3e5163a5895184fefdf54b1aca34927cb0920d6acdcbe4b51a74f4e6a0113a8cff3
-
SSDEEP
6144:Kfy+bnr+4p0yN90QEztbWn2qkWcnZNbQR5nQ4K5cCdb5YVlol+Qb4w/a1Lk:JMrEy90Rwn2zmEl+f1Lk
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-