General
- Target: 3e0b7cd292d5a715f078301281db4e0af93c845bcd016c8b89604997424a4ca6
- Size: 828KB
- Sample: 230822-z2733afd95
- MD5: dc2aefdbe2b21a6d7865b8f438871f33
- SHA1: 8e005f2c7a8a855f83cf6c1c35bace96e36292d0
- SHA256: 3e0b7cd292d5a715f078301281db4e0af93c845bcd016c8b89604997424a4ca6
- SHA512: a78f22eebb96bd3ebaf53c9d3dc2a16bf7ea0875ed9f1d8ce8bf899404fd80540094917e31887af544cd4e61084b6373b86984c7cb20a4c23f944498a324116d
- SSDEEP: 24576:2ypwS3F9IJIdrc+B5mzm31HrfKDwbjUn:Fh3XImcum6lZbj
Static task: static1
Behavioral task: behavioral1
Sample: 3e0b7cd292d5a715f078301281db4e0af93c845bcd016c8b89604997424a4ca6.exe
Resource: win10-20230703-en
Malware Config
Extracted
- redline
- rota
- 77.91.124.73:19071
- auth_value: 320c7daa59eb9b82e20a15162392a756
Targets
- Detects Healer, an antivirus disabler dropper
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
- Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
- Windows Service (1)