General
Target: 72af625932fb9400a6661a6bde830518.exe
Size: 1.8MB
Sample: 230822-paay5sca76
MD5: 72af625932fb9400a6661a6bde830518
SHA1: 5e8a5fa07bf51e226272e8fc6a209b870475f744
SHA256: ffec60c04fbfc5fc53b99a9133d7e4432125622f25605ec0d94a413548a48e17
SHA512: ab47024f63b58e98e06bf2ad4ca22e7519de8b5ff195c8f349c55edfa4fc484c525560595f362ab3c20dc157bed884444d8eb7b7277ea2c71c90fc5389eff865
SSDEEP: 24576:TdgvYOmxjN9cDk+OeOxrV/JHaX16tK95IBJd:TdrxjN9cDhOeaJHm1609m
Static task: static1
Behavioral task: behavioral1
Sample: 72af625932fb9400a6661a6bde830518.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 72af625932fb9400a6661a6bde830518.exe
Resource: win10v2004-20230703-en
Malware Config
Targets
Target: 72af625932fb9400a6661a6bde830518.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Uses the VBS compiler for execution
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext