General
Target: 40f026f5ac84239706230b92ace37bbdd1309c67fcb402e0aa5cc132457ecc9e
Size: 929KB
Sample: 230824-3mj98sgb38
MD5: 01095b3275e0279e54d486cff819b4c7
SHA1: 2461018bd5c362f7b733487d836af95648b03b5a
SHA256: 40f026f5ac84239706230b92ace37bbdd1309c67fcb402e0aa5cc132457ecc9e
SHA512: 8944baa9e4afa0f451c1ef3b9348978df98fed927d122f76eefe4f0b942ed8be7ce89590ce80804fa32f4e0d423080083d518c5a4b0f96bdcd28d9bc0cf24459
SSDEEP: 12288:5MrQy90J3onxZ2uG/gNLA/Z1lfovIqgKCWHvbL5rIWacyyAmKrd8GFpdSFyJdPvE:lysQfMZgwqg186WactAmgXdomypn
Static task: static1
Behavioral task: behavioral1
Sample: 40f026f5ac84239706230b92ace37bbdd1309c67fcb402e0aa5cc132457ecc9e.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted: redline
vaga
77.91.124.73:19071
auth_value: 393905212ded984248e8e000e612d4fe
Targets
Target: 40f026f5ac84239706230b92ace37bbdd1309c67fcb402e0aa5cc132457ecc9e
Size: 929KB
MD5: 01095b3275e0279e54d486cff819b4c7
SHA1: 2461018bd5c362f7b733487d836af95648b03b5a
SHA256: 40f026f5ac84239706230b92ace37bbdd1309c67fcb402e0aa5cc132457ecc9e
SHA512: 8944baa9e4afa0f451c1ef3b9348978df98fed927d122f76eefe4f0b942ed8be7ce89590ce80804fa32f4e0d423080083d518c5a4b0f96bdcd28d9bc0cf24459
SSDEEP: 12288:5MrQy90J3onxZ2uG/gNLA/Z1lfovIqgKCWHvbL5rIWacyyAmKrd8GFpdSFyJdPvE:lysQfMZgwqg186WactAmgXdomypn
Signatures
- Detects Healer, an antivirus disabler dropper
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)