General
-
Target
81bf1502bec6c9cd9e60f405700cd9d6.bin
-
Size
670KB
-
Sample
230820-b8hvraef21
-
MD5
9f78679ecc3279998447dede8975420c
-
SHA1
3de9eaf0fd5bed552390b40d7490d7bcbc809eca
-
SHA256
0adc5156f31895771277e0199ff9d5a5f4f489931cac86154eac056f474ad4b4
-
SHA512
a631104bb60fd4d546ebe6f11f8b0063969ee0aa1d4c8fbeb647c6743c644c23522d9368d24fe82c8b9bf88b32468a356dc90693a0f7f7b9b61282e618e31f36
-
SSDEEP
12288:Dk4tqopE9QGyljXKQzgRJT8tYlqPD8CgiYD7tbmILfeMPPoSpgU/mf4pSDs:o4tqojlTKQsrTmYlqPYC2HZmILfBP/2I
Static task
static1
Behavioral task
behavioral1
Sample
a2c7bd3961d1781c36b6dc46216e59b2eab98ce0c9df0e0d20b5c8ca43abc7ac.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
a2c7bd3961d1781c36b6dc46216e59b2eab98ce0c9df0e0d20b5c8ca43abc7ac.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
dugin
77.91.124.73:19071
-
auth_value
7c3e46e091100fd26a6076996d374c28
Targets
-
Target
a2c7bd3961d1781c36b6dc46216e59b2eab98ce0c9df0e0d20b5c8ca43abc7ac.exe
-
Size
714KB
-
MD5
81bf1502bec6c9cd9e60f405700cd9d6
-
SHA1
63429c2bb760a09bce0ac1c647b46130a8009d21
-
SHA256
a2c7bd3961d1781c36b6dc46216e59b2eab98ce0c9df0e0d20b5c8ca43abc7ac
-
SHA512
b4c5a3bbf55e5b2a749a728f2771254941c3b3eeead937022b07ac4c571ca7b6ef8fd8710cba53dce6d815e035f42f50b42508e9eb9f40ca83510a6a4d837b5e
-
SSDEEP
12288:TMr2y902zbnmNl4yrALbfw+BUJCPGNhr+Nj6E2kg003rvpnCUFl8Us0JOxSTnj:pyRzbnul4a9+uYuv46yWDAkKUs0JOA7j
Score 10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application