Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c4e498dee19d585afa45ef25cfa9911d4b278fe589e0bba2eda15af7376bc17b
-
Size
389KB
-
Sample
230719-q72nsshb2z
-
MD5
177cc2b3781056cb89ff026657ed3de6
-
SHA1
8abe82aa72e9078bbe718a1b40ea0d1f03783f51
-
SHA256
c4e498dee19d585afa45ef25cfa9911d4b278fe589e0bba2eda15af7376bc17b
-
SHA512
bc171c6cf6c641e526e81196c7680ebbd60728678aa1bd6a9e9ceab9bd743e55ee0acf1098597715098072c39f79cf86198eeb2973f38e4428bfea2165f2c2e6
-
SSDEEP
12288:0Mrny90j4TvR6br5IAMdFTUjiBrGXtkoPS:LyKOJd+jiBrKrS
Static task
static1
Behavioral task
behavioral1
Sample
c4e498dee19d585afa45ef25cfa9911d4b278fe589e0bba2eda15af7376bc17b.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
nasa
77.91.68.68:19071
-
auth_value
6da71218d8a9738ea3a9a78b5677589b
Targets
-
-
Target
c4e498dee19d585afa45ef25cfa9911d4b278fe589e0bba2eda15af7376bc17b
-
Size
389KB
-
MD5
177cc2b3781056cb89ff026657ed3de6
-
SHA1
8abe82aa72e9078bbe718a1b40ea0d1f03783f51
-
SHA256
c4e498dee19d585afa45ef25cfa9911d4b278fe589e0bba2eda15af7376bc17b
-
SHA512
bc171c6cf6c641e526e81196c7680ebbd60728678aa1bd6a9e9ceab9bd743e55ee0acf1098597715098072c39f79cf86198eeb2973f38e4428bfea2165f2c2e6
-
SSDEEP
12288:0Mrny90j4TvR6br5IAMdFTUjiBrGXtkoPS:LyKOJd+jiBrKrS
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-