Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a0b33824a0fd5088fee3061fa79dc143331b05fcc7a3201b1d0d191d1bd8bb5c
-
Size
514KB
-
Sample
230826-lmjv2abb5z
-
MD5
8bfc6ea2f5daffb1da6de7b92fdfbc0b
-
SHA1
41ff36ed63936446e8165b96ac2d2f2514e6c353
-
SHA256
a0b33824a0fd5088fee3061fa79dc143331b05fcc7a3201b1d0d191d1bd8bb5c
-
SHA512
854ebdb2006f53a1ba6d59bd614ccdd01f77bcb8a7de74dafcf41f3eba3aebc94972def9ab3229827270126149fc2d06bb0a536348bd9c1d3be4a750e9af467b
-
SSDEEP
6144:DahOFNURwDa61k2qHkZTMEgh8DuayuK6ShAZ169bkKZKG1SPXwDfotM5yoObMEKo:DiuH1E78jK6SPRgG1SPUotxQEbz1B
Static task
static1
Behavioral task
behavioral1
Sample
a0b33824a0fd5088fee3061fa79dc143331b05fcc7a3201b1d0d191d1bd8bb5c.exe
Resource
win10-20230703-en
Malware Config
Targets
-
-
Target
a0b33824a0fd5088fee3061fa79dc143331b05fcc7a3201b1d0d191d1bd8bb5c
-
Size
514KB
-
MD5
8bfc6ea2f5daffb1da6de7b92fdfbc0b
-
SHA1
41ff36ed63936446e8165b96ac2d2f2514e6c353
-
SHA256
a0b33824a0fd5088fee3061fa79dc143331b05fcc7a3201b1d0d191d1bd8bb5c
-
SHA512
854ebdb2006f53a1ba6d59bd614ccdd01f77bcb8a7de74dafcf41f3eba3aebc94972def9ab3229827270126149fc2d06bb0a536348bd9c1d3be4a750e9af467b
-
SSDEEP
6144:DahOFNURwDa61k2qHkZTMEgh8DuayuK6ShAZ169bkKZKG1SPXwDfotM5yoObMEKo:DiuH1E78jK6SPRgG1SPUotxQEbz1B
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-