Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f6157c064ecddee58a9650d1912c9b7f143b389121016aaf35ea56386b28a1dd
-
Size
930KB
-
Sample
230831-kt5kmsdg4x
-
MD5
be74152fea77c8c16369379ca5897b8e
-
SHA1
d90a68fbfeef87f426ece1b534f8330e56346eb3
-
SHA256
f6157c064ecddee58a9650d1912c9b7f143b389121016aaf35ea56386b28a1dd
-
SHA512
0c0fc58a8d289a025c6dc329d3673bf93583f328502e5e070b5a90064e2f77a43b6ffead9ba64c564abd235e1fe273944f0c6dc48169d8a5901d186ac3995193
-
SSDEEP
24576:/yHIRlA5c4ShnISiq7Kc7EdBm3Ax0woJbGhIm:KuAe9nracmBm3NwkG
Static task
static1
Behavioral task
behavioral1
Sample
f6157c064ecddee58a9650d1912c9b7f143b389121016aaf35ea56386b28a1dd.exe
Resource
win10-20230703-en
Malware Config
Extracted
redline
sruta
77.91.124.82:19071
-
auth_value
c556edcd49703319eca74247de20c236
Targets
-
-
Target
f6157c064ecddee58a9650d1912c9b7f143b389121016aaf35ea56386b28a1dd
-
Size
930KB
-
MD5
be74152fea77c8c16369379ca5897b8e
-
SHA1
d90a68fbfeef87f426ece1b534f8330e56346eb3
-
SHA256
f6157c064ecddee58a9650d1912c9b7f143b389121016aaf35ea56386b28a1dd
-
SHA512
0c0fc58a8d289a025c6dc329d3673bf93583f328502e5e070b5a90064e2f77a43b6ffead9ba64c564abd235e1fe273944f0c6dc48169d8a5901d186ac3995193
-
SSDEEP
24576:/yHIRlA5c4ShnISiq7Kc7EdBm3Ax0woJbGhIm:KuAe9nracmBm3NwkG
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1