Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
edf02850ec85408c916b54f9598444504ae97ed1790dd2629b5a258d57552690
-
Size
825KB
-
Sample
230829-mvk9hafa4y
-
MD5
78c7c1b9bf75ecf365ef00f7438671bb
-
SHA1
c6da61f55d033ac2deb3a89f54b4ec9b7e36d94d
-
SHA256
edf02850ec85408c916b54f9598444504ae97ed1790dd2629b5a258d57552690
-
SHA512
75bb016db995383c8d11e6715beca615f55575dfb9729bd975a0807c1347b013c68034eedfd6287e2d4d24d0bc9ccdcb71fd3ef95800f31d99d41533a14ac883
-
SSDEEP
12288:PMroy907xHt0DSDiZHZwwCtXnN/+N5uK220Z0jt3kImcmBK3QQfEMU0ZmpX9OJF9:/y68BHZwVr1viR7tmIQQfEkONUF9
Static task
static1
Behavioral task
behavioral1
Sample
edf02850ec85408c916b54f9598444504ae97ed1790dd2629b5a258d57552690.exe
Resource
win10v2004-20230703-en
Malware Config
Extracted
redline
stas
77.91.124.82:19071
-
auth_value
db6d96c4eade05afc28c31d9ad73a73c
Targets
-
-
Target
edf02850ec85408c916b54f9598444504ae97ed1790dd2629b5a258d57552690
-
Size
825KB
-
MD5
78c7c1b9bf75ecf365ef00f7438671bb
-
SHA1
c6da61f55d033ac2deb3a89f54b4ec9b7e36d94d
-
SHA256
edf02850ec85408c916b54f9598444504ae97ed1790dd2629b5a258d57552690
-
SHA512
75bb016db995383c8d11e6715beca615f55575dfb9729bd975a0807c1347b013c68034eedfd6287e2d4d24d0bc9ccdcb71fd3ef95800f31d99d41533a14ac883
-
SSDEEP
12288:PMroy907xHt0DSDiZHZwwCtXnN/+N5uK220Z0jt3kImcmBK3QQfEMU0ZmpX9OJF9:/y68BHZwVr1viR7tmIQQfEkONUF9
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1