General

Target: fef1a45ee3c1cb5823425a0f1444c79f57bf7542b1528a985380d5ec33c5de4d
Size: 826KB
Sample: 230826-vmxasscc32
MD5: beaca4f9be052cc860177f118d1e05f8
SHA1: fdf16307319c4e8ea95ff7a585c201649047d322
SHA256: fef1a45ee3c1cb5823425a0f1444c79f57bf7542b1528a985380d5ec33c5de4d
SHA512: bf926616004b734226f3b9cf5a4622aca96d30e66c4470e1dd742d801fb48c167bf280501ea95aef3d3683a5cb3c59ac2b3b22e232af078bb9e2fa2c1f5f6f07
SSDEEP: 12288:GMruy90uIvD6nnCR+6fxIQiEUtCGaEcKw42Opq8DXVr:EykvDSCRVIPTavSpqUXJ
Static task: static1
Behavioral task: behavioral1
Sample: fef1a45ee3c1cb5823425a0f1444c79f57bf7542b1528a985380d5ec33c5de4d.exe
Resource: win10-20230703-en
Malware Config

Extracted family: redline
Botnet: jaja
C2: 77.91.124.73:19071
auth_value: 3670179d176ca399ed08e7914610b43c
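The sample hashes under General and the C2 socket in the extracted RedLine config are the indicators an analyst would carry out of this report. The Python below is an added example, not part of the tria.ge report and not tria.ge tooling: it copies those indicator values and scans a handful of constructed log lines (hypothetical firewall and Sysmon-style events, not output of this sandbox run) for them. Hashes are matched case-insensitively because Windows event sources commonly upper-case them, and a C2 match is only reported as a full hit when both host and port agree; the host seen on another port is surfaced as a lower-confidence hit for triage rather than dropped. The `Hit` class and the `scan_line`/`scan_logs` helpers are this example's own names.

```python
"""Scan log lines for the indicators in this tria.ge report (added example)."""
import re
from dataclasses import dataclass

# Indicators copied from the report: sample hashes (General) and the RedLine C2 (Malware Config).
SAMPLE_HASHES = {
    "md5": "beaca4f9be052cc860177f118d1e05f8",
    "sha1": "fdf16307319c4e8ea95ff7a585c201649047d322",
    "sha256": "fef1a45ee3c1cb5823425a0f1444c79f57bf7542b1528a985380d5ec33c5de4d",
}
C2_HOST, C2_PORT = "77.91.124.73", 19071

# Constructed log lines for illustration (not from the sandbox run): a firewall
# line hitting the C2, a Sysmon-style process-create line carrying the sample
# hashes, the C2 host on a different port, and an unrelated line.
LOG_LINES = [
    "fw01 action=allow src=10.0.0.12 dst=77.91.124.73 dpt=19071 proto=tcp",
    "host12 Sysmon ProcessCreate Image=C:\\Users\\u\\AppData\\Local\\Temp\\setup.exe "
    "Hashes=MD5=BEACA4F9BE052CC860177F118D1E05F8,"
    "SHA256=FEF1A45EE3C1CB5823425A0F1444C79F57BF7542B1528A985380D5EC33C5DE4D",
    "fw01 action=allow src=10.0.0.15 dst=77.91.124.73 dpt=443 proto=tcp",
    "fw01 action=allow src=10.0.0.12 dst=8.8.8.8 dpt=53 proto=udp",
]


@dataclass(frozen=True)
class Hit:
    line_no: int   # 1-based index into the scanned lines
    kind: str      # "md5" | "sha1" | "sha256" | "c2" | "c2_host_only"
    value: str


# Any 32-64 character hex run; compared lower-cased, since Sysmon upper-cases hashes.
_HEX_RUN = re.compile(r"\b[0-9a-fA-F]{32,64}\b")
# The C2 host as a whole address (not a substring of a longer one), optionally
# followed by a port in "ip:port", "ip dpt=port", "ip port=port" or "ip port" form.
_C2 = re.compile(
    r"(?<![\d.])" + re.escape(C2_HOST) + r"(?!\.?\d)"
    r"(?:[:\s]+(?:dpt=|port=)?(\d{1,5}))?"
)


def scan_line(line_no: int, line: str) -> list[Hit]:
    """Return every indicator hit found in one log line."""
    hits = []
    for m in _HEX_RUN.finditer(line):
        digest = m.group(0).lower()
        for kind, known in SAMPLE_HASHES.items():
            if digest == known:
                hits.append(Hit(line_no, kind, digest))
    for m in _C2.finditer(line):
        port = m.group(1)
        if port is not None and int(port) == C2_PORT:
            hits.append(Hit(line_no, "c2", f"{C2_HOST}:{C2_PORT}"))
        else:
            # Host matched but port absent or different: keep it, flagged as lower confidence.
            hits.append(Hit(line_no, "c2_host_only", C2_HOST))
    return hits


def scan_logs(lines) -> list[Hit]:
    """Scan an iterable of log lines; line numbers in the result are 1-based."""
    hits = []
    for n, line in enumerate(lines, start=1):
        hits.extend(scan_line(n, line))
    return hits


if __name__ == "__main__":
    for h in scan_logs(LOG_LINES):
        print(f"line {h.line_no}: {h.kind} {h.value}")
```

Run against the constructed lines it reports the C2 hit on line 1, the MD5 and SHA256 hits on line 2, and a host-only hit on line 3; the unrelated line 4 produces nothing. The SSDEEP value is deliberately not used here, since fuzzy-hash comparison needs the ssdeep library and a file, not a log line.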
Targets

Target: fef1a45ee3c1cb5823425a0f1444c79f57bf7542b1528a985380d5ec33c5de4d (826KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
Signatures
- Detects Healer, an antivirus disabler dropper
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15 (number of matching signatures in parentheses)

Persistence
  Boot or Logon Autostart Execution, T1547 (1)
    Registry Run Keys / Startup Folder, T1547.001 (1)
  Create or Modify System Process, T1543 (1)
    Windows Service, T1543.003 (1)