Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
file
-
Size
2.3MB
-
Sample
230805-1rmj2seh57
-
MD5
f28730f469220391b679e575a48ddb0b
-
SHA1
d5863273efdb0e7e61007c4907441ce957e4f98a
-
SHA256
c0de3820d44c7aebc56f12be217cab5c5b758344750e73e1288f42e0f373f038
-
SHA512
667ed7bf96fa21b992889c02d95e2076e8417a7617b7767049a2c87ed668e1c189ecfc3c302d30b7a202d9abb93d8320a532ba018ff382bcb98cc96e53fe1327
-
SSDEEP
49152:VakDcq59geuk/NJW1BN0gQcI3EahBrZPTaZzn0WI78:09q5taPygQcI3EahBrNY/r
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
1
45.88.3.253:26313
-
auth_value
7280f9eb4f47693041f9f7d1fafe3acf
Targets
-
-
Target
file
-
Size
2.3MB
-
MD5
f28730f469220391b679e575a48ddb0b
-
SHA1
d5863273efdb0e7e61007c4907441ce957e4f98a
-
SHA256
c0de3820d44c7aebc56f12be217cab5c5b758344750e73e1288f42e0f373f038
-
SHA512
667ed7bf96fa21b992889c02d95e2076e8417a7617b7767049a2c87ed668e1c189ecfc3c302d30b7a202d9abb93d8320a532ba018ff382bcb98cc96e53fe1327
-
SSDEEP
49152:VakDcq59geuk/NJW1BN0gQcI3EahBrZPTaZzn0WI78:09q5taPygQcI3EahBrNY/r
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Uses the VBS compiler for execution
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-