General
Target: 2a6582f628c700ab75f4604add6de21d854687119c8adc79dacc339015f4109e_JC.exe
Size: 838KB
Sample: 230820-sfa3wahf2z
MD5: c5b4cabc96e956778315c37cb403f379
SHA1: 4f0a947f3cdce9146e2a26a799f537380c7dc553
SHA256: 2a6582f628c700ab75f4604add6de21d854687119c8adc79dacc339015f4109e
SHA512: 4f1756a285ef197de036c735d870407558132750775b80d8432bba6cae81ea78d08fce5fc9eaac6999a293de7ec71aa5800d6cdc2489493ad9981a6d11f68999
SSDEEP: 12288:yMrXy90rGGUAoW0NZrJkXHFT6Kne/vbpi7V++Goq80YYdTYi0eFTu7v/:Fy6GGWNZ+XHlK/vN/Ydi0eav/
Static task: static1
Behavioral task: behavioral1
Sample: 2a6582f628c700ab75f4604add6de21d854687119c8adc79dacc339015f4109e_JC.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 2a6582f628c700ab75f4604add6de21d854687119c8adc79dacc339015f4109e_JC.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
dugin
77.91.124.73:19071
auth_value: 7c3e46e091100fd26a6076996d374c28
Targets
Target: 2a6582f628c700ab75f4604add6de21d854687119c8adc79dacc339015f4109e_JC.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application