General
- Target: 9cc861a57c68c51405b4412076eb8b42fb883a1d2571991669481e332705e1da
- Size: 390KB
- Sample: 230720-bmlphsca64
- MD5: e9232eb83b97b39fc80f983a108d5bed
- SHA1: bdefc42219cd4482a72bf89d4347d3c78f268727
- SHA256: 9cc861a57c68c51405b4412076eb8b42fb883a1d2571991669481e332705e1da
- SHA512: cd2eb5f5a2017257e1bb1c20d65e1efdf4b2b77ff17b10928fa8ee1e376c96d07aad3aeb0143bedad158cb5e4af58a9f88d11849779389e934f636f9dd2a5e1e
- SSDEEP: 12288:SMrVy90botet015tPMcRqaHJcHnl9z65zXRD:DyTtet0zPqO+Hv6vD
Static task: static1
Behavioral task: behavioral1
- Sample: 9cc861a57c68c51405b4412076eb8b42fb883a1d2571991669481e332705e1da.exe
- Resource: win10-20230703-en
Malware Config
Extracted: amadey
- 3.85
- 77.91.68.3/home/love/index.php
Extracted: redline
- nasa
- 77.91.68.68:19071
- auth_value: 6da71218d8a9738ea3a9a78b5677589b
Targets
- Target: 9cc861a57c68c51405b4412076eb8b42fb883a1d2571991669481e332705e1da (same file as under General above)
- Detects Healer, an antivirus disabler dropper
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application