General
-
Target
38a73350f14f7521147dea22faa01e6b56e1f296a0aa68335bce1133736262d2
-
Size
890KB
-
Sample
230819-2zhfqscf34
-
MD5
605759df0fda85e64629dce6caab56c8
-
SHA1
57106dbcba9c4cfc0a6cdada846a35915a93c10f
-
SHA256
38a73350f14f7521147dea22faa01e6b56e1f296a0aa68335bce1133736262d2
-
SHA512
3ab29f21311e790f8e49d1badeb3837ad468ef9e615cd8a99f1961adbee4bfff167ddd5eaabc7609bb5a2fcf5f35d86731a6966aae02b133a1427befa4f5e279
-
SSDEEP
24576:AyisRb4xFA7bzwD9dPyWUQjHvmZHyRcQ:HX4xyz+9FyW/Hv+yRc
Static task
static1
Behavioral task
behavioral1
Sample
38a73350f14f7521147dea22faa01e6b56e1f296a0aa68335bce1133736262d2.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
jonka
77.91.124.73:19071
-
auth_value
c95bc30cd252fa6dff2a19fd78bfab4e
Targets
-
-
Target
38a73350f14f7521147dea22faa01e6b56e1f296a0aa68335bce1133736262d2
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)