General
-
Target
5b762ac632cf8f888a32eacd367409ad7b9d34bed92c1c0baf99053d50996594
-
Size
1.4MB
-
Sample
230827-jvqmfagc29
-
MD5
007f9f8c2c4f960b7f0b81667ba0521a
-
SHA1
4807e340be2870eac0b4fd30d0b7a10288ca0b8d
-
SHA256
5b762ac632cf8f888a32eacd367409ad7b9d34bed92c1c0baf99053d50996594
-
SHA512
66bc59160d48985fc731e742f81843fb3bcc9c0c326a421030c9a92d63253bee8769dd93f0adbb164bce34a9423c1207732b97c5b5319cbd80a8943117a8456d
-
SSDEEP
24576:uyPeO9ldNOq7jKR3RB26k0q6HKvKcMUDStiRCH5k8XC6YIKs55gf9Fm1D:9h9bwdR3/RkKKvKcMU2KCHi8yRIT55k
Static task
static1
Behavioral task
behavioral1
Sample
5b762ac632cf8f888a32eacd367409ad7b9d34bed92c1c0baf99053d50996594.exe
Resource
win10v2004-20230824-en
Malware Config
Extracted
amadey
3.87
77.91.68.18/nice/index.php
Extracted
redline
nrava
77.91.124.82:19071
-
auth_value
43fe50e9ee6afb85588e03ac9676e2f7
Targets
-
-
Target
5b762ac632cf8f888a32eacd367409ad7b9d34bed92c1c0baf99053d50996594
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-