General
Target: bde92e696d3184b5f4b7a35200dcb08ae4e97db9337f51dd88219349ff86adeb
Size: 828KB
Sample: 230822-3eepsahf2t
MD5: 8b5019f7eeb01c17088e92b98b5e953c
SHA1: d64e1762cec1af4d2d39155725707479077531af
SHA256: bde92e696d3184b5f4b7a35200dcb08ae4e97db9337f51dd88219349ff86adeb
SHA512: 9bd607c4612f0d70b1e94484a7a9f8eb39e19d10b88d19079c1bdd5a2c1b34dfde9b959054ab80f521dbde04325857ceda7859f462d027565fc43b93493084dc
SSDEEP: 12288:GMrwy90FCcA+hql0H9mkDvSyqiptHNm8XLNFzj4eICgMeHKWgnP6ZsBY1qBpsf:ay0CcvMGkkrSyfnIu5KeIC7HWgycq
Static task: static1
Behavioral task: behavioral1
Sample: bde92e696d3184b5f4b7a35200dcb08ae4e97db9337f51dd88219349ff86adeb.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
rota
77.91.124.73:19071
auth_value: 320c7daa59eb9b82e20a15162392a756
Targets
Target: bde92e696d3184b5f4b7a35200dcb08ae4e97db9337f51dd88219349ff86adeb
Size: 828KB
MD5: 8b5019f7eeb01c17088e92b98b5e953c
SHA1: d64e1762cec1af4d2d39155725707479077531af
SHA256: bde92e696d3184b5f4b7a35200dcb08ae4e97db9337f51dd88219349ff86adeb
SHA512: 9bd607c4612f0d70b1e94484a7a9f8eb39e19d10b88d19079c1bdd5a2c1b34dfde9b959054ab80f521dbde04325857ceda7859f462d027565fc43b93493084dc
SSDEEP: 12288:GMrwy90FCcA+hql0H9mkDvSyqiptHNm8XLNFzj4eICgMeHKWgnP6ZsBY1qBpsf:ay0CcvMGkkrSyfnIu5KeIC7HWgycq
Detects Healer, an antivirus disabler dropper
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1): Windows Service (1)