General
-
Target
9ea97710ca2def59a32c4c2f3a164c396784d764902da73f58d2c6c4b400d59d
-
Size
1.4MB
-
Sample
230829-by7q5acc4v
-
MD5
f19bedff28d1596ccf2e83ef47c1c663
-
SHA1
05455077c8e3649da87b61441440bb122fc2b6b1
-
SHA256
9ea97710ca2def59a32c4c2f3a164c396784d764902da73f58d2c6c4b400d59d
-
SHA512
b5fea926ea4228331d971fee74479d6e65f758e98a491cfbcd178bb73412149d202fbb755d4f857c7ea44971715a04b0eeaa1d67198d07f82dac0b3729a586cd
-
SSDEEP
24576:gyuMT4AxTV+kPwQ7dIKe9di1DnIQfDm62hIi/4P5nGchIMZEdBG6VP24Wv+E/SJb:nj4AxQMwQZIKe9di1IEZ2hdIhGchDZmP
Static task
static1
Behavioral task
behavioral1
Sample
9ea97710ca2def59a32c4c2f3a164c396784d764902da73f58d2c6c4b400d59d.exe
Resource
win10-20230703-en
Malware Config
Extracted
amadey
3.87
77.91.68.18/nice/index.php
Extracted
redline
stas
77.91.124.82:19071
-
auth_value
db6d96c4eade05afc28c31d9ad73a73c
Targets
-
-
Target
9ea97710ca2def59a32c4c2f3a164c396784d764902da73f58d2c6c4b400d59d
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-