Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9820b41a704852e920de3d3155ff3ccefdf50d623d6fba7e89b6051f58f6a7bd
-
Size
1.4MB
-
Sample
230828-n43qksdf2w
-
MD5
2756657c1645923808846f573005ccf9
-
SHA1
5d3257fb22b4e270b708acaf4d45dd62f20cf114
-
SHA256
9820b41a704852e920de3d3155ff3ccefdf50d623d6fba7e89b6051f58f6a7bd
-
SHA512
5cccbca1833ebff8adbf97bc4d49b31b431e39ccfb30e582e9f6e8e68e496ba8590856791335bd1ed16b7af2a603a824eaef15a904c86e10cc6d6b4b4e830d70
-
SSDEEP
24576:IyRdbMWlMFf2aL2fVCpKvtZSD7XF2ib5iTFxukqOxLrgSmmSdKYO12CoU0xi9zI3:PPbnlEv29YKvtZSN2ibwxuBOhrgRoYQx
Static task
static1
Behavioral task
behavioral1
Sample
9820b41a704852e920de3d3155ff3ccefdf50d623d6fba7e89b6051f58f6a7bd.exe
Resource
win10-20230703-en
Malware Config
Extracted
amadey
3.87
77.91.68.18/nice/index.php
Extracted
redline
stas
77.91.124.82:19071
-
auth_value
db6d96c4eade05afc28c31d9ad73a73c
Targets
-
-
Target
9820b41a704852e920de3d3155ff3ccefdf50d623d6fba7e89b6051f58f6a7bd
-
Size
1.4MB
-
MD5
2756657c1645923808846f573005ccf9
-
SHA1
5d3257fb22b4e270b708acaf4d45dd62f20cf114
-
SHA256
9820b41a704852e920de3d3155ff3ccefdf50d623d6fba7e89b6051f58f6a7bd
-
SHA512
5cccbca1833ebff8adbf97bc4d49b31b431e39ccfb30e582e9f6e8e68e496ba8590856791335bd1ed16b7af2a603a824eaef15a904c86e10cc6d6b4b4e830d70
-
SSDEEP
24576:IyRdbMWlMFf2aL2fVCpKvtZSD7XF2ib5iTFxukqOxLrgSmmSdKYO12CoU0xi9zI3:PPbnlEv29YKvtZSN2ibwxuBOhrgRoYQx
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-