General
Target: 7f1729fd0325ff6ce383a3ce24810eec50f7143c062ac958ca67dcfe4e0ec604
Size: 828KB
Sample: 230828-d5zp7shb71
MD5: 124f290be8d18d42ca3e663c05f96a03
SHA1: d9a546e3fc761ec2206039d68c3714618c132158
SHA256: 7f1729fd0325ff6ce383a3ce24810eec50f7143c062ac958ca67dcfe4e0ec604
SHA512: 8ebccc937567fedb167d09a0eea2fbb1fd9171a5190d1a542f8a25d735f90cff3e28b5d30fde5a8148d727d6ce341ea236e3d8f0ed5677d59d65b8f3de49e6b3
SSDEEP: 24576:uyuwj473lw3h5ToVj7TgxyZinDeU1fIf:9kZa8VLyiinf1w
Static task: static1
Behavioral task: behavioral1
Sample: 7f1729fd0325ff6ce383a3ce24810eec50f7143c062ac958ca67dcfe4e0ec604.exe
Resource: win10-20230703-en
Malware Config
Extracted
redline
stas
77.91.124.82:19071
auth_value: db6d96c4eade05afc28c31d9ad73a73c
Targets
Target: 7f1729fd0325ff6ce383a3ce24810eec50f7143c062ac958ca67dcfe4e0ec604
Detects Healer an antivirus disabler dropper
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
  Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
  Windows Service (1)