General
Target: cbfbc04a8018d517a65d65abe2e565d986c8b430d1b47ecdd592a6b52e79dabd
Size: 829KB
Sample: 230825-z2rfbaeg55
MD5: 5f9839b338906d76e7271c1b02c2ca1b
SHA1: 06fc4705e34bc555469026f7580520334c1a8c0a
SHA256: cbfbc04a8018d517a65d65abe2e565d986c8b430d1b47ecdd592a6b52e79dabd
SHA512: 35201ee1badc7bf739789cbbfea22bf974771b7346316bd6e5e0bfa88af928ec22ac21018c6fffdc3dc34d9e524d562b6a2f073e5b26c50e0e902a309de1fa9a
SSDEEP: 12288:VMrYy90gLLCkFkGBA6kinfl8pAQMzqhqZ7Dly8bfAPWHjQL4h+6Rj04qz8:JyxWki36kiypAlqyg87AzE+6Rwxz8
Static task: static1
Behavioral task: behavioral1
Sample: cbfbc04a8018d517a65d65abe2e565d986c8b430d1b47ecdd592a6b52e79dabd.exe
Resource: win10v2004-20230824-en
Malware Config
Extracted
redline
jaja
77.91.124.73:19071
auth_value: 3670179d176ca399ed08e7914610b43c
Targets
Target: cbfbc04a8018d517a65d65abe2e565d986c8b430d1b47ecdd592a6b52e79dabd
- Detects Healer, an antivirus disabler dropper
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder
- Create or Modify System Process: Windows Service