General
-
Target
84fd7494da97f3505e5d0ade4aa80967c4a607efbdc56a59b25a0b705da9e281
-
Size
515KB
-
Sample
230720-c3s9zach4s
-
MD5
07de26d5784ce9c11d935a98fd2a0557
-
SHA1
6161973636d3db9111dfe56143f1fca75ec5044a
-
SHA256
84fd7494da97f3505e5d0ade4aa80967c4a607efbdc56a59b25a0b705da9e281
-
SHA512
e8b546371cb607c46c864d1ebbd07c2ab3c41b55730053d242c433230d908297de43eb4769a295f10496c043dcaf96f4d35c3b03a257c9bc399e1a6c713f5566
-
SSDEEP
6144:Kxy+bnr+7p0yN90QEhK/6cVT4Oz7c7XrxW/MGV4letGSY/N/EdZxlyVj6Yh8cCf:PMrfy90C6/znTec1EBlyVj6YGf
Static task
static1
Behavioral task
behavioral1
Sample
84fd7494da97f3505e5d0ade4aa80967c4a607efbdc56a59b25a0b705da9e281.exe
Resource
win10-20230703-en
Malware Config
Extracted
amadey
3.85
77.91.68.3/home/love/index.php
Extracted
smokeloader
2022
http://77.91.68.29/fks/
Extracted
redline
nasa
77.91.68.68:19071
-
auth_value
6da71218d8a9738ea3a9a78b5677589b
Targets
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-