Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
81bf65e6cd65809f4e6885ac684a7d8b17b39bd28c147068431bf802d5a8b12e
-
Size
389KB
-
Sample
230719-swyh4shh31
-
MD5
7d1fed48cf233d36969d449caeb35bc6
-
SHA1
5e533c4ea4d3b07bcd94bacef079342b32c244bc
-
SHA256
81bf65e6cd65809f4e6885ac684a7d8b17b39bd28c147068431bf802d5a8b12e
-
SHA512
c908d6096ca62fd89b1a48e06584a70dacd78a2bf51f37384c0ffb5c7a5657a42924dd29c97ad71e543172aa09e310f187a1e56073385807febe646712492b46
-
SSDEEP
6144:KWy+bnr+6p0yN90QEKC01kWKjZNrQR5izw2wBT5I13oNkHLmPrVAeeJ/:uMr+y90M8zw2WEoLjGeY/
Static task
static1
Behavioral task
behavioral1
Sample
81bf65e6cd65809f4e6885ac684a7d8b17b39bd28c147068431bf802d5a8b12e.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
nasa
77.91.68.68:19071
-
auth_value
6da71218d8a9738ea3a9a78b5677589b
Targets
-
-
Target
81bf65e6cd65809f4e6885ac684a7d8b17b39bd28c147068431bf802d5a8b12e
-
Size
389KB
-
MD5
7d1fed48cf233d36969d449caeb35bc6
-
SHA1
5e533c4ea4d3b07bcd94bacef079342b32c244bc
-
SHA256
81bf65e6cd65809f4e6885ac684a7d8b17b39bd28c147068431bf802d5a8b12e
-
SHA512
c908d6096ca62fd89b1a48e06584a70dacd78a2bf51f37384c0ffb5c7a5657a42924dd29c97ad71e543172aa09e310f187a1e56073385807febe646712492b46
-
SSDEEP
6144:KWy+bnr+6p0yN90QEKC01kWKjZNrQR5izw2wBT5I13oNkHLmPrVAeeJ/:uMr+y90M8zw2WEoLjGeY/
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-