General
Target: 6d53a254fa2e347cb03754f84531b7b689c7e3558885b3ca9047706b625e1a51_JC.exe
Size: 837KB
Sample: 230822-vsctcafd7x
MD5: 598b5127dccfd15a80b3a89f2b8bfa76
SHA1: 15da3f9e0df172ccf84e231b5a317ddce888b77a
SHA256: 6d53a254fa2e347cb03754f84531b7b689c7e3558885b3ca9047706b625e1a51
SHA512: 608cb4797123cc2c8de9f5b2c87d16e763acfb2584b2320f1e5c7cd62b0f79505208dd007d4a240cf2176d1a9e798aa9b49d4d82a91124ec0a544f1e761d0065
SSDEEP: 24576:Ay9NU6tZtjmY4ZUp/RVU16/nF+joSKzWN:H9NUytjmY4ip/fCWc0x
Static task: static1
Behavioral task: behavioral1
Sample: 6d53a254fa2e347cb03754f84531b7b689c7e3558885b3ca9047706b625e1a51_JC.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 6d53a254fa2e347cb03754f84531b7b689c7e3558885b3ca9047706b625e1a51_JC.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
dugin
77.91.124.73:19071
auth_value: 7c3e46e091100fd26a6076996d374c28
Targets
Target: 6d53a254fa2e347cb03754f84531b7b689c7e3558885b3ca9047706b625e1a51_JC.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application