Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
7509416aa5b0abbe9052fde46ea909880a2bb853ca45867c99092d2d156f0e8a
-
Size
1.4MB
-
Sample
230827-bw5hzseg48
-
MD5
e9f7d644c1e9700cccd0259334316aa0
-
SHA1
f93f6c24c70253c7623cf04a12b811f074ab5a54
-
SHA256
7509416aa5b0abbe9052fde46ea909880a2bb853ca45867c99092d2d156f0e8a
-
SHA512
71f3e347dfd50be619ef2bf7970f17c0e040d67c5e5f1fd5c6d7ef304a78ec779a82aac4b6aa7b6608f06d43d92ede7b37bc18a14838c9d31fce455fcb49b31c
-
SSDEEP
24576:OyQ+oCc5OVQ2rFecIKze/mAeZQ4L4x9HnlMUBw2HDsVfahr4r0ZBD9UB23LHOhcr:dWl5crYKze/mK4k7+UBw2HDQfat629I4
Static task
static1
Behavioral task
behavioral1
Sample
7509416aa5b0abbe9052fde46ea909880a2bb853ca45867c99092d2d156f0e8a.exe
Resource
win10-20230703-en
Malware Config
Extracted
amadey
3.87
77.91.68.18/nice/index.php
Extracted
redline
nrava
77.91.124.82:19071
-
auth_value
43fe50e9ee6afb85588e03ac9676e2f7
Targets
-
-
Target
7509416aa5b0abbe9052fde46ea909880a2bb853ca45867c99092d2d156f0e8a
-
Size
1.4MB
-
MD5
e9f7d644c1e9700cccd0259334316aa0
-
SHA1
f93f6c24c70253c7623cf04a12b811f074ab5a54
-
SHA256
7509416aa5b0abbe9052fde46ea909880a2bb853ca45867c99092d2d156f0e8a
-
SHA512
71f3e347dfd50be619ef2bf7970f17c0e040d67c5e5f1fd5c6d7ef304a78ec779a82aac4b6aa7b6608f06d43d92ede7b37bc18a14838c9d31fce455fcb49b31c
-
SSDEEP
24576:OyQ+oCc5OVQ2rFecIKze/mAeZQ4L4x9HnlMUBw2HDsVfahr4r0ZBD9UB23LHOhcr:dWl5crYKze/mK4k7+UBw2HDQfat629I4
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-