General
Target: 81f4babb3a6c4021c631cd770e5916fab71321622b45c9770f20d87149bab228
Size: 591KB
Sample: 230821-w6sbmagh6s
MD5: 0902424bc68ecac5e0d8557a89e65a80
SHA1: 4154a92f38f3147dde045aa0df1b0f0bcb5a67fb
SHA256: 81f4babb3a6c4021c631cd770e5916fab71321622b45c9770f20d87149bab228
SHA512: 7a6371030bf9924e8694c8ea1f3eefb351e9dcc50885f13709d993a5e8124244ad05736964dd8263858e22fdb1d320352996a344d5ca7f82f63a7e833cdbb82d
SSDEEP: 12288:2MrPy90/MFGHS1V2M52Mqxa49ZFBLfjSWhtS:ZysHS1AM5tqo+vBLfjS7
Static task: static1
Behavioral task: behavioral1
Sample: 81f4babb3a6c4021c631cd770e5916fab71321622b45c9770f20d87149bab228.exe
Resource: win10-20230703-en
Malware Config
Extracted
amadey
S-%lu-
77.91.68.18/nice/index.php
3.87/nice/index.php
Extracted
redline
lang
77.91.124.73:19071
auth_value: 92c0fc2b7a8b3fc5a01baa1abf31c42a
Targets
Target: 81f4babb3a6c4021c631cd770e5916fab71321622b45c9770f20d87149bab228
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application