General
Target: 093a61458849781533493401f3ce15aaf4710b6a55f76ed8fedc9075ec58b700
Size: 826KB
Sample: 230824-kvjdsscg6y
MD5: 18405c37f6af9d0c4457645db5930eaf
SHA1: 60cfd3530b05e8dec2227ef3e7ddb7749971f335
SHA256: 093a61458849781533493401f3ce15aaf4710b6a55f76ed8fedc9075ec58b700
SHA512: 7e2ca74cc496c473764cb3e413bf58d97166609f8cb70291885f3ef0509cd4dcc460e96086e9920adcc90454cd5b8b34bf2abed098c649586362720c49917082
SSDEEP: 12288:HMr6y90ijUtjpRLIKXU1HHcDeNZSN6gotS0RkWqer12xrwa8gi4JSt4:JyojpBIKUHcDyAN6LBkR81awXK64
Static task: static1
Behavioral task: behavioral1
Sample: 093a61458849781533493401f3ce15aaf4710b6a55f76ed8fedc9075ec58b700.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
rwan
77.91.124.73:19071
auth_value: 7c40eda5da4f888d6f61befbf947d9fe
Targets
Target: 093a61458849781533493401f3ce15aaf4710b6a55f76ed8fedc9075ec58b700
Detects Healer an antivirus disabler dropper
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)