General
  Target: f458c6906bc69275dd873400d1338c15ad311144b05f51c0e205cf7f038ba871
  Size: 927KB
  Sample: 230823-wvj6wagb8z
  MD5: 8931772ac129966a57259992aaf6bbf5
  SHA1: 1a312aba62f193bb70f62605df551782624f8a98
  SHA256: f458c6906bc69275dd873400d1338c15ad311144b05f51c0e205cf7f038ba871
  SHA512: dcabf94e5bbabce5313352ab14a4f0cb7caa875a0711ed440a583e281bf3d0b7f02b063c51e85102b932f57b653c9116a5170123d37a45d685a597174a0b0fc0
  SSDEEP: 24576:GyhnkM3KrLMEDKjziVi+la5aLu4Au73chDd:VhkQqvDKjClSaHv
Static task: static1

Behavioral task: behavioral1
  Sample: f458c6906bc69275dd873400d1338c15ad311144b05f51c0e205cf7f038ba871.exe
  Resource: win10v2004-20230703-en
Malware Config (extracted)
  Family: redline
  Botnet: gogi
  C2: 77.91.124.73:19071
  auth_value: c7dbabcf1eff128a595c7532cb5489a8
Targets
  Target: f458c6906bc69275dd873400d1338c15ad311144b05f51c0e205cf7f038ba871
  Size: 927KB
  MD5: 8931772ac129966a57259992aaf6bbf5
  SHA1: 1a312aba62f193bb70f62605df551782624f8a98
  SHA256: f458c6906bc69275dd873400d1338c15ad311144b05f51c0e205cf7f038ba871
  SHA512: dcabf94e5bbabce5313352ab14a4f0cb7caa875a0711ed440a583e281bf3d0b7f02b063c51e85102b932f57b653c9116a5170123d37a45d685a597174a0b0fc0
  SSDEEP: 24576:GyhnkM3KrLMEDKjziVi+la5aLu4Au73chDd:VhkQqvDKjClSaHv
Signatures
  Detects Healer, an antivirus disabler dropper
  RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
  Executes dropped EXE
  Adds Run key to start application
MITRE ATT&CK Enterprise v15
  Persistence
    Boot or Logon Autostart Execution (1)
      Registry Run Keys / Startup Folder (1)
    Create or Modify System Process (1)
      Windows Service (1)