General
- Target: 5fe055b4e902f7f10cc3a3b9a2b1551893cee26c7e4b67c1bc48d2444491e981
- Size: 924KB
- Sample: 230826-vb5sssdh9z
- MD5: ec353d467192e790537851ad396b8533
- SHA1: b7aa8f141bad7ff14d86faad78c5f185a9e12306
- SHA256: 5fe055b4e902f7f10cc3a3b9a2b1551893cee26c7e4b67c1bc48d2444491e981
- SHA512: ba4713e381de77e3a25a0a9f927f4fe3c57dd87958cbe30d47c6d0b244a7e541d8c7916e2756fc79469e67c19453980baa9aa68c84b5c72e5529c04874eeb2ec
- SSDEEP: 24576:My9tMv2wJnlVFyH3s8E0gUhfvmZbiSbUv4:78lVFyH3s8EbuSbU
Static task: static1
Behavioral task: behavioral1
- Sample: 5fe055b4e902f7f10cc3a3b9a2b1551893cee26c7e4b67c1bc48d2444491e981.exe
- Resource: win10v2004-20230824-en
Malware Config
Extracted
- Family: redline
- Botnet: jaja
- C2: 77.91.124.73:19071
- auth_value: 3670179d176ca399ed08e7914610b43c
Targets
- Target: 5fe055b4e902f7f10cc3a3b9a2b1551893cee26c7e4b67c1bc48d2444491e981
- Size: 924KB
- MD5: ec353d467192e790537851ad396b8533
- SHA1: b7aa8f141bad7ff14d86faad78c5f185a9e12306
- SHA256: 5fe055b4e902f7f10cc3a3b9a2b1551893cee26c7e4b67c1bc48d2444491e981
- SHA512: ba4713e381de77e3a25a0a9f927f4fe3c57dd87958cbe30d47c6d0b244a7e541d8c7916e2756fc79469e67c19453980baa9aa68c84b5c72e5529c04874eeb2ec
- SSDEEP: 24576:My9tMv2wJnlVFyH3s8E0gUhfvmZbiSbUv4:78lVFyH3s8EbuSbU
Signatures
- Detects Healer, an antivirus disabler dropper
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Adds Run key to start application
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Create or Modify System Process (1)
  - Windows Service (1)