General
Target: b8ee2960aab380f5665e2e85c5b58606daa563339a528be856e6640dd6f36bae_JC.exe
Size: 831KB
Sample: 230827-wp9jksec4s
MD5: 650bb84be58ede733ed023e1f86c9f30
SHA1: 0a1e433dde0ac3882392dd49356b1f54dc6d139b
SHA256: b8ee2960aab380f5665e2e85c5b58606daa563339a528be856e6640dd6f36bae
SHA512: 624c48e4cbf2ce1500c5a009554bb45a2eeddce466e7e66609d7891876d14108389794571a43f9314214896aff0d8c00c35d5ceca40ea41c1d45ccdde98c3b67
SSDEEP: 12288:OMrxy90XtDkDoqWfg5omLWx6N+PpPrx4Vn5pP9lrkO1Xzh2oelBJEVFSEcnFjn:nyDWY5WUNit415pPN1Yl3jxnVn
Static task: static1
Behavioral task: behavioral1
Sample: b8ee2960aab380f5665e2e85c5b58606daa563339a528be856e6640dd6f36bae_JC.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: b8ee2960aab380f5665e2e85c5b58606daa563339a528be856e6640dd6f36bae_JC.exe
Resource: win10v2004-20230824-en
Malware Config
Extracted
redline
dugin
77.91.124.73:19071
auth_value: 7c3e46e091100fd26a6076996d374c28
Targets
Target: b8ee2960aab380f5665e2e85c5b58606daa563339a528be856e6640dd6f36bae_JC.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application