General

Target: 6833e710109e6f4cba23672d48c0fcf6f0d3ca13a24ab779d8f4c89ab55cdf99
Size: 515KB
Sample: 230720-g93t7sdg2w
MD5: bb1a183d6e426d63573bf4187f7027ce
SHA1: a4fa0973233b02e5fe2414201040ed4ba418e0ff
SHA256: 6833e710109e6f4cba23672d48c0fcf6f0d3ca13a24ab779d8f4c89ab55cdf99
SHA512: d81b2421a31922dbb493ddb889c7b9d9d5995762b43b74c20f9c54bc2b86454c9530551faa931a59e6d747a7a7e7f409805a18489896d52f26da7bc7481571f8
SSDEEP: 12288:aMrry90Wsg9cn31rX2Fdqw1wqvSK9tb+lmDZ6UWxO12l8h7DpoL5:hycgWnFrUf1lSK7WmD/B2ahPp25
Static task: static1
Behavioral task: behavioral1
Sample: 6833e710109e6f4cba23672d48c0fcf6f0d3ca13a24ab779d8f4c89ab55cdf99.exe
Resource: win10-20230703-en
Malware Config

Extracted: amadey
Version: 3.85
C2: 77.91.68.3/home/love/index.php

Extracted: smokeloader
Version: 2022
C2: http://77.91.68.29/fks/

Extracted: redline
Botnet: nasa
C2: 77.91.68.68:19071
auth_value: 6da71218d8a9738ea3a9a78b5677589b
Targets

Target: 6833e710109e6f4cba23672d48c0fcf6f0d3ca13a24ab779d8f4c89ab55cdf99
Size: 515KB
MD5: bb1a183d6e426d63573bf4187f7027ce
SHA1: a4fa0973233b02e5fe2414201040ed4ba418e0ff
SHA256: 6833e710109e6f4cba23672d48c0fcf6f0d3ca13a24ab779d8f4c89ab55cdf99
SHA512: d81b2421a31922dbb493ddb889c7b9d9d5995762b43b74c20f9c54bc2b86454c9530551faa931a59e6d747a7a7e7f409805a18489896d52f26da7bc7481571f8
SSDEEP: 12288:aMrry90Wsg9cn31rX2Fdqw1wqvSK9tb+lmDZ6UWxO12l8h7DpoL5:hycgWnFrUf1lSK7WmD/B2ahPp25

- Detects Healer an antivirus disabler dropper
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application