General
Target: 1a2d6c3994ef44ea447a41438e2a307815c68b203af2b40d71e7b46bb4598f47
Size: 854KB
Sample: 230816-m8h2asad43
MD5: 2d13305e6a4ffeda0dcc79b116a8bc5e
SHA1: a2a4351cb9cd745dddf0e095875f8e9aa5bb52b8
SHA256: 1a2d6c3994ef44ea447a41438e2a307815c68b203af2b40d71e7b46bb4598f47
SHA512: 95d2b9cfe504020031109b1b27cdbb83a8758f444199a0387afe04bda1160f027287035321f26b0c9b85c73d8dcd09fdbd0d327f56c174f088c4a2bacb9e18b8
SSDEEP: 12288:vMrCy90oJ7bh87hSt+gkWscd377ySHsF+P+9swAT30TLmzrGmWAQlxYe93AdhDw+:hyPJ7budS4ho3vy4wAz0PEJW3xJ6phB
Static task: static1
Behavioral task: behavioral1
Sample: 1a2d6c3994ef44ea447a41438e2a307815c68b203af2b40d71e7b46bb4598f47.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
dava
77.91.124.54:19071
auth_value: 3ce5222c1baaa06681dfe0012ce1de23
Targets
Target: 1a2d6c3994ef44ea447a41438e2a307815c68b203af2b40d71e7b46bb4598f47
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application