General
-
Target
49eef199e58bf8a60267d58ece816e6d9d162b184dea2ebb2172c22068738098
-
Size
1.4MB
-
Sample
230827-flrllahe31
-
MD5
5a22f920615069545f5cacb89f24dddd
-
SHA1
bc46fd49790be457c1f5370a8cd39c9898387863
-
SHA256
49eef199e58bf8a60267d58ece816e6d9d162b184dea2ebb2172c22068738098
-
SHA512
1d99f54ec3bdd0375cda19a6926c45cb910707914b645f2fbc2822b0150a14e11e6e0d24af3900aab816d6f481dc287de125abefba738abe56b33f7f704a46b6
-
SSDEEP
24576:fytgZwwaIh1UKY8rL414Pmgm2lMcmzNMYWQgcwQVwhB/4aB8arTMVu69y8u5PF5:qeZwwR/UKY8rwW7NMzOYWJcdwhuiDrCg
Static task
static1
Behavioral task
behavioral1
Sample
49eef199e58bf8a60267d58ece816e6d9d162b184dea2ebb2172c22068738098.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
amadey
3.87
77.91.68.18/nice/index.php
Extracted
redline
nrava
77.91.124.82:19071
-
auth_value
43fe50e9ee6afb85588e03ac9676e2f7
Targets
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application