General
-
Target
ca8e648840b1d9f62168a0d6cab0ea8e1151f7eda316d7ed549c77c85744d6ba
-
Size
944KB
-
Sample
230819-e8hfrsga38
-
MD5
6b47dd82516af7976a126f4c624e3fce
-
SHA1
06d497ac28d37bf8c62c5752bf5d0686569dec76
-
SHA256
ca8e648840b1d9f62168a0d6cab0ea8e1151f7eda316d7ed549c77c85744d6ba
-
SHA512
bbc70f4beb5ef1e3949a7bb404223319830775b66481508c9731d3486a081724d81a1fdf028137a2f49637f9f8dc2aefa88ceef9178e9d30047832505c90e81c
-
SSDEEP
12288:QMriy90TTmYn7VQhBp/Jp7dRltkOVcDzdN54EYobHFGw0IgEf+CaUNemxaokzBxP:iyYD7g/7ROzd8EB0IgY+NUJPkCNXA
Static task
static1
Behavioral task
behavioral1
Sample
ca8e648840b1d9f62168a0d6cab0ea8e1151f7eda316d7ed549c77c85744d6ba.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
dugin
77.91.124.73:19071
-
auth_value
7c3e46e091100fd26a6076996d374c28
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-