General
-
Target
337e1723d8e1f99d33f16c9f2bedbc23ad4b3f3bead10e1b32a97f5c5f092c00
-
Size
1.4MB
-
Sample
230827-xlg6lacf84
-
MD5
a5993766d5716e2993464445fc56b686
-
SHA1
820220e69dc5dae39232c4b4d653b365b57d15ff
-
SHA256
337e1723d8e1f99d33f16c9f2bedbc23ad4b3f3bead10e1b32a97f5c5f092c00
-
SHA512
6b3915dd23eee8a5105785d9c5870b7b4a61113d2bff0710f31a0a3e7b15fe1712f12461069a42d1377a42401e948ed36e0a89d7090eeefbf4da8a09fd67a38d
-
SSDEEP
24576:0yuNCvXRZHfnQjGsTK9ipN5Lga5w3PEbpIyztzhEGCFJoQj7jJiKwi1:DxXR1fQjlK9ipN975s4zhpVQjX8T
Static task
static1
Behavioral task
behavioral1
Sample
337e1723d8e1f99d33f16c9f2bedbc23ad4b3f3bead10e1b32a97f5c5f092c00.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
amadey
3.87
77.91.68.18/nice/index.php
Extracted
redline
stas
77.91.124.82:19071
-
auth_value
db6d96c4eade05afc28c31d9ad73a73c
Targets
-
-
Target
337e1723d8e1f99d33f16c9f2bedbc23ad4b3f3bead10e1b32a97f5c5f092c00
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-