General
- Target: ecf6336a1803eed2fb4644a389cba341b2e1084badfd080ee2e417ff3a5edd32
- Size: 930KB
- Sample: 230825-jakkpabe2v
- MD5: 24346da7ae9c5b1ff35fc2ab06b9038b
- SHA1: ba9401432b4bb41f55c7a9b4b6857ef5b3e069fe
- SHA256: ecf6336a1803eed2fb4644a389cba341b2e1084badfd080ee2e417ff3a5edd32
- SHA512: 8dd00842537643e9fb3fc089bdd6d7601d996e11b5b59efc217eebbd9dafb2044d74d250ee99ec87b2d7b21a5f4f7219b1ff697b7dcec4cd633e70e6ae685d37
- SSDEEP: 24576:HyZCS98aGeomWjunsijLy0ju69lrx3AvCwtERIoFwoCf+:Sog8NnSLK67l3ICvuG
Static task: static1
Behavioral task: behavioral1
- Sample: ecf6336a1803eed2fb4644a389cba341b2e1084badfd080ee2e417ff3a5edd32.exe
- Resource: win10v2004-20230703-en
Malware Config
Extracted
- Family: redline
- Botnet: vaga
- C2: 77.91.124.73:19071
- auth_value: 393905212ded984248e8e000e612d4fe
Targets
- Target: ecf6336a1803eed2fb4644a389cba341b2e1084badfd080ee2e417ff3a5edd32
- Size: 930KB
- Detects Healer, an antivirus disabler dropper
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
- Persistence
  - Boot or Logon Autostart Execution (1): Registry Run Keys / Startup Folder (1)
  - Create or Modify System Process (1): Windows Service (1)