General
Target: file
Size: 2.3MB
Sample: 230816-ml4dqaca9y
MD5: 89d0f2333461140be663bdd62933f176
SHA1: 9edf3e914b13744ba9e6e75a096ac5c92c84970a
SHA256: 0488a72cc86b59cda7359ddbd9820ddd3863adb4de3be431d99f73b9debf2167
SHA512: 99f3b0480cc0255561183a46d1d7c12d2f9ae3789b5407ae4f5a40987f2ce9ab453ed5ff91b5eedc01d3bef0b24b88f20f0f61cd46b3c334e8ced6e820b30d22
SSDEEP: 12288:pBVEc+MVqpMvp36SNjoo6WjK3W/Ii2DP6W4h4Lb1u/DjrxG/hWkcdZMLtz/U7ksK:yc+MIpMvpKpogDP6WccboM/FcdZMxkr
Static task: static1
Behavioral task: behavioral1
Sample: file.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: file.exe
Resource: win10v2004-20230703-en
Malware Config
Targets
Target: file
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext