Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
023336483f6affe46a0faa30c6dea5dd7f1090b346af5655e61c8bbce02a42ab
-
Size
389KB
-
Sample
230720-x14m5sab62
-
MD5
10a8a4be5b6f6644696f6e204b567388
-
SHA1
3d8ba77c381c1b2fe8c760446a92166e6b90a415
-
SHA256
023336483f6affe46a0faa30c6dea5dd7f1090b346af5655e61c8bbce02a42ab
-
SHA512
f7557a3c891c2af00d9664938673a692e86ae6c67e7c2c669b22bcd18450c5fc65035c8fc448fb2250a47b43762193d0799a0fb586ea13c3ec95ebba33e5a262
-
SSDEEP
6144:KOy+bnr+Lp0yN90QEwf/AirvTU07jytXLQwW4JZdlWNWywjZ4x8jFDSmjZJ:iMrny90zirUdtrWwZdlYw28jxSsZJ
Static task
static1
Behavioral task
behavioral1
Sample
023336483f6affe46a0faa30c6dea5dd7f1090b346af5655e61c8bbce02a42ab.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
nasa
77.91.68.68:19071
-
auth_value
6da71218d8a9738ea3a9a78b5677589b
Targets
-
-
Target
023336483f6affe46a0faa30c6dea5dd7f1090b346af5655e61c8bbce02a42ab
-
Size
389KB
-
MD5
10a8a4be5b6f6644696f6e204b567388
-
SHA1
3d8ba77c381c1b2fe8c760446a92166e6b90a415
-
SHA256
023336483f6affe46a0faa30c6dea5dd7f1090b346af5655e61c8bbce02a42ab
-
SHA512
f7557a3c891c2af00d9664938673a692e86ae6c67e7c2c669b22bcd18450c5fc65035c8fc448fb2250a47b43762193d0799a0fb586ea13c3ec95ebba33e5a262
-
SSDEEP
6144:KOy+bnr+Lp0yN90QEwf/AirvTU07jytXLQwW4JZdlWNWywjZ4x8jFDSmjZJ:iMrny90zirUdtrWwZdlYw28jxSsZJ
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1