General
Target: eef8c20f1e7b59d35e829b1255b0e1a1c4c64baa863287af8ff293aca88b997c
Size: 1.4MB
Sample: 230828-x5c1zsfc28
MD5: b123c79d36be9ea9056081549aceca80
SHA1: 0b3917f0d9219ee35df516accd37509d6887578c
SHA256: eef8c20f1e7b59d35e829b1255b0e1a1c4c64baa863287af8ff293aca88b997c
SHA512: 7de8c1fa16761f80ad99c31368164121db6efca6a5ba4f57ebe61084b02c119a35393dcb7a6ebfc145673d94344ecb5fdd1e6829dbc3950772ffc652e953c34d
SSDEEP: 24576:Sy3+W8KyhjyUjV62OKM3GGJ26f/uMIkDGlMYOw1xjTUnz9hAqmX9LLtgtDxFgBTL:53+gyAUZYKM3GGXfWxMYOw1FgzzA7Lt3
Static task: static1
Behavioral task: behavioral1
Sample: eef8c20f1e7b59d35e829b1255b0e1a1c4c64baa863287af8ff293aca88b997c.exe
Resource: win10-20230703-en
Malware Config
Extracted
amadey
3.87
77.91.68.18/nice/index.php
Extracted
redline
stas
77.91.124.82:19071
auth_value: db6d96c4eade05afc28c31d9ad73a73c
Targets
Target: eef8c20f1e7b59d35e829b1255b0e1a1c4c64baa863287af8ff293aca88b997c
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application