Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
95d9bb990bb85cdecdc76c11a1b0159b35e3958d6eb7f10d3c58c720da8b29b1
-
Size
389KB
-
Sample
230719-prb8jaee34
-
MD5
9be6610be653d29f1846dfabbb0b9796
-
SHA1
7f414ffb2c37b21d48d8d7954ae0645328c83d5d
-
SHA256
95d9bb990bb85cdecdc76c11a1b0159b35e3958d6eb7f10d3c58c720da8b29b1
-
SHA512
746380c6e289026aeca2ac03a683073ccfb05ae9ff45e0801295540c800d19ceae9363896f6dd0392be2408fbd9ecf71664a2a14c27ba55d3ab06e2b2276ac83
-
SSDEEP
6144:KIy+bnr+cp0yN90QE2C02lxr2XO93i0H2CtPaxGuWzIlQCYM:IMrUy90h02br2XcNwdAM
Static task
static1
Behavioral task
behavioral1
Sample
95d9bb990bb85cdecdc76c11a1b0159b35e3958d6eb7f10d3c58c720da8b29b1.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
nasa
77.91.68.68:19071
-
auth_value
6da71218d8a9738ea3a9a78b5677589b
Targets
-
-
Target
95d9bb990bb85cdecdc76c11a1b0159b35e3958d6eb7f10d3c58c720da8b29b1
-
Size
389KB
-
MD5
9be6610be653d29f1846dfabbb0b9796
-
SHA1
7f414ffb2c37b21d48d8d7954ae0645328c83d5d
-
SHA256
95d9bb990bb85cdecdc76c11a1b0159b35e3958d6eb7f10d3c58c720da8b29b1
-
SHA512
746380c6e289026aeca2ac03a683073ccfb05ae9ff45e0801295540c800d19ceae9363896f6dd0392be2408fbd9ecf71664a2a14c27ba55d3ab06e2b2276ac83
-
SSDEEP
6144:KIy+bnr+cp0yN90QE2C02lxr2XO93i0H2CtPaxGuWzIlQCYM:IMrUy90h02br2XcNwdAM
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-