General

Target: ORDER QUOTATION LIST.pdf.exe
Size: 837KB
Sample: 230822-tf7mhsdd64
MD5: 00b7354438e3a2483c5c4e0c52d10f7e
SHA1: c1c3b90b1cf7541abd6bd9f098811c368078ed0b
SHA256: ba85db2614120d1e5b26b4c89847f219317a823bf1e3382cb379666677b0a8fe
SHA512: 0e1dfb63dd23f508d6d82c89a62618071be5ba3b4b88b4645951c054b96c15ce7e9676976670147a720369f161d554d4af986749e4c3e12f73b1d2954c98a863
SSDEEP: 24576:/DkUNi1EvGEW93Gtx1Lhrds4t+whW2ANQyj:/DkUrOEW9GLhds4tdUGs
Static task: static1

Behavioral task: behavioral1
Sample: ORDER QUOTATION LIST.pdf.exe
Resource: win7-20230712-en
Malware Config (Extracted)

Family: redline
Botnet: cheat
C2: 54.37.0.50:55615
Targets

Target: ORDER QUOTATION LIST.pdf.exe (837KB; hashes as listed in the General section above)
Signatures:
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- SectopRAT payload
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext