Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
09e148a390e7e504a16b68177f076a9c7f0b7b3bddb34d319a7a534a7ba0aed1
-
Size
823KB
-
Sample
230821-efkqesaf83
-
MD5
518f0ed5a5fb0affd243f17820ff9daf
-
SHA1
713884f771ed469091f0ff492d993c55ac04cac4
-
SHA256
09e148a390e7e504a16b68177f076a9c7f0b7b3bddb34d319a7a534a7ba0aed1
-
SHA512
1ad6ab6dcf99b4aa6bed4c87e76c1bb0cd63efa848c5e1a1ce432a2f07275db137654822ba57328320b5771354e2184c8ad0b8cf37773633353ea7bae83610c0
-
SSDEEP
12288:dMrHy90GYbFfNluw400uhhOjSjuQNv6tBKJyCZiUOK1oab2KK6gVDAFI90:KyfAQR0R0jypCBmytUZ1B2lrDAFI90
Static task
static1
Behavioral task
behavioral1
Sample
09e148a390e7e504a16b68177f076a9c7f0b7b3bddb34d319a7a534a7ba0aed1.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
chang
77.91.124.73:19071
-
auth_value
92b880db64e691d6bb290d1536ce7688
Targets
-
-
Target
09e148a390e7e504a16b68177f076a9c7f0b7b3bddb34d319a7a534a7ba0aed1
-
Size
823KB
-
MD5
518f0ed5a5fb0affd243f17820ff9daf
-
SHA1
713884f771ed469091f0ff492d993c55ac04cac4
-
SHA256
09e148a390e7e504a16b68177f076a9c7f0b7b3bddb34d319a7a534a7ba0aed1
-
SHA512
1ad6ab6dcf99b4aa6bed4c87e76c1bb0cd63efa848c5e1a1ce432a2f07275db137654822ba57328320b5771354e2184c8ad0b8cf37773633353ea7bae83610c0
-
SSDEEP
12288:dMrHy90GYbFfNluw400uhhOjSjuQNv6tBKJyCZiUOK1oab2KK6gVDAFI90:KyfAQR0R0jypCBmytUZ1B2lrDAFI90
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1