Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b2d24b231d7f3eed7b517f38077ecb890957c334dda06da0a016caa5a15c6cc9
-
Size
839KB
-
Sample
230821-n9c24scf97
-
MD5
2f0f3501e75807204f2a215c99eff42b
-
SHA1
d5b2da2d56009801643eace5069ff77b8419cee6
-
SHA256
b2d24b231d7f3eed7b517f38077ecb890957c334dda06da0a016caa5a15c6cc9
-
SHA512
01fc9ff907ece489d7f307197a2b2d1dd53ff15a3d6b33fbf8a349bea4ce88d4cce9fc582932eb5d1f45219d0011285a6c5bc72798f08e551a9c69a346901f9a
-
SSDEEP
24576:1ymZ+HfQSeDGLM0r++UkHLgemkHlSN0AxxUd:QmZORJL3ZH8etlSN1xx
Static task
static1
Behavioral task
behavioral1
Sample
b2d24b231d7f3eed7b517f38077ecb890957c334dda06da0a016caa5a15c6cc9.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
lang
77.91.124.73:19071
-
auth_value
92c0fc2b7a8b3fc5a01baa1abf31c42a
Targets
-
-
Target
b2d24b231d7f3eed7b517f38077ecb890957c334dda06da0a016caa5a15c6cc9
-
Size
839KB
-
MD5
2f0f3501e75807204f2a215c99eff42b
-
SHA1
d5b2da2d56009801643eace5069ff77b8419cee6
-
SHA256
b2d24b231d7f3eed7b517f38077ecb890957c334dda06da0a016caa5a15c6cc9
-
SHA512
01fc9ff907ece489d7f307197a2b2d1dd53ff15a3d6b33fbf8a349bea4ce88d4cce9fc582932eb5d1f45219d0011285a6c5bc72798f08e551a9c69a346901f9a
-
SSDEEP
24576:1ymZ+HfQSeDGLM0r++UkHLgemkHlSN0AxxUd:QmZORJL3ZH8etlSN1xx
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1