General
-
Target
76ce55b4d5a119f06c367a346ae1862c303beb76b2c774f07526af067c28579e
-
Size
390KB
-
Sample
230719-ref23agf62
-
MD5
58d3d7b38cdf565f40600c4f84de48d7
-
SHA1
bfaf48e19cdc476f76cba56d8c3e656eece773cd
-
SHA256
76ce55b4d5a119f06c367a346ae1862c303beb76b2c774f07526af067c28579e
-
SHA512
e32a08abd9abfbcc0180d2338d79d9b4f945658481475f600fd517b3626ac3e31eb3ebbc8f88e114ac41a09a3af5bbbd2a56ec77912a7ab73fda6da18eea141f
-
SSDEEP
6144:KLy+bnr+Wp0yN90QEX8JiDsTwevTqZSJ4cfq4++uf8KnnRUIBr:BMrKy90F4iDuTq0J4c4r8KZr
Static task
static1
Behavioral task
behavioral1
Sample
76ce55b4d5a119f06c367a346ae1862c303beb76b2c774f07526af067c28579e.exe
Resource
win10-20230703-en
Malware Config
Extracted
amadey
3.85
77.91.68.3/home/love/index.php
Extracted
redline
nasa
77.91.68.68:19071
-
auth_value
6da71218d8a9738ea3a9a78b5677589b
Targets
-
-
Target
76ce55b4d5a119f06c367a346ae1862c303beb76b2c774f07526af067c28579e
-
Detects Healer, an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-