General
Target: cf05322ce286ba24b887366a6ff4de031a1558573e0363296d1b8ed16146e4b9
Size: 1.4MB
Sample: 230828-tp2smafg4y
MD5: 2786e6a41c8a8a3a5e93a884746acfba
SHA1: edc12c114183401f5d17b87fb99913f165d6dc55
SHA256: cf05322ce286ba24b887366a6ff4de031a1558573e0363296d1b8ed16146e4b9
SHA512: 152380b8b0d04f899f59e32bbca5740fd9f2353416cd145e8b0b1be9139661eaac651dd8677459c84269e75c1b79ef515f45d99ae713a5038ae07035ff3e94c1
SSDEEP: 24576:Uy1Vq346+d/UqWZiB7KnT/oAnr2h8qa6WRx48jpHSP0DFKlY7mZ0Gyvle7:j1V3rdcqEw7KnT/EhvOx4GlS1Cdvle
Static task: static1
Behavioral task: behavioral1
Sample: cf05322ce286ba24b887366a6ff4de031a1558573e0363296d1b8ed16146e4b9.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
amadey
3.87
77.91.68.18/nice/index.php
Extracted
redline
stas
77.91.124.82:19071
auth_value: db6d96c4eade05afc28c31d9ad73a73c
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application