General
Target: 953317f4b9fe7c635a7e567bc8364004a924201e132d32b4b52e3e8ddc186107
Size: 389KB
Sample: 230719-qctdyagc31
MD5: 8460839d88470abc63cb8b0627566bf9
SHA1: d2d3a870c95135379130e0c8a1a6454dde7eb346
SHA256: 953317f4b9fe7c635a7e567bc8364004a924201e132d32b4b52e3e8ddc186107
SHA512: 6289d16e5ba5236ee45bfc9eca6b58ed740e7ee0a7c3fc99b6c96b5e7533bf7384121f9166e6f79fdcc17dc20613d3485b510d350be5ad86becc5db842459e84
SSDEEP: 6144:K1y+bnr+ep0yN90QEn6DP5m21srlPhkxPb27HSZt8nlzcVF9SF+zrotU0Ky:zMray908Dhm21srlORiY8lvFCU1
Static task: static1
Behavioral task: behavioral1
Sample: 953317f4b9fe7c635a7e567bc8364004a924201e132d32b4b52e3e8ddc186107.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
nasa
77.91.68.68:19071
auth_value: 6da71218d8a9738ea3a9a78b5677589b
Targets
Target: 953317f4b9fe7c635a7e567bc8364004a924201e132d32b4b52e3e8ddc186107
Detects Healer, an antivirus disabler dropper
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application