Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b0c440f95f7efa1f5f64e83cc7e2032190e0488cfc82ee448f88f4687e53a08a
-
Size
390KB
-
Sample
230720-f4ve7sdd8z
-
MD5
bcbf3cdfecb03571cf32bc1abb7fd9fa
-
SHA1
46d7f5b6b9074ea2ae1a3d9983262fd11813b634
-
SHA256
b0c440f95f7efa1f5f64e83cc7e2032190e0488cfc82ee448f88f4687e53a08a
-
SHA512
7a19cb20e8181c61041a9b7dcdf7170fc61016d020e30420e6476b435da4c49ebd1f3639fb8cb60cf6235a3130156bf598634c374658528cb0bbcc770010b12e
-
SSDEEP
12288:3MrEy90KT7rREam9yOHkcHnl9HN7bXQP:byFLREamkarH71w
Static task
static1
Behavioral task
behavioral1
Sample
b0c440f95f7efa1f5f64e83cc7e2032190e0488cfc82ee448f88f4687e53a08a.exe
Resource
win10-20230703-en
Malware Config
Extracted
amadey
3.85
77.91.68.3/home/love/index.php
Extracted
redline
nasa
77.91.68.68:19071
-
auth_value
6da71218d8a9738ea3a9a78b5677589b
Targets
-
-
Target
b0c440f95f7efa1f5f64e83cc7e2032190e0488cfc82ee448f88f4687e53a08a
-
Size
390KB
-
MD5
bcbf3cdfecb03571cf32bc1abb7fd9fa
-
SHA1
46d7f5b6b9074ea2ae1a3d9983262fd11813b634
-
SHA256
b0c440f95f7efa1f5f64e83cc7e2032190e0488cfc82ee448f88f4687e53a08a
-
SHA512
7a19cb20e8181c61041a9b7dcdf7170fc61016d020e30420e6476b435da4c49ebd1f3639fb8cb60cf6235a3130156bf598634c374658528cb0bbcc770010b12e
-
SSDEEP
12288:3MrEy90KT7rREam9yOHkcHnl9HN7bXQP:byFLREamkarH71w
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-