General

Target: 0047034ae90772403d49aa5de1041a6f9bb3d64adaf42466dc58fc2e36bcec3c
Size: 930KB
Sample: 230831-rnn42afa9w
MD5: 8eb730276ea7aac10a9a71c46e15fb5c
SHA1: 94852ebe01d80cb0ee62d76c0ae23dc3eb4144ef
SHA256: 0047034ae90772403d49aa5de1041a6f9bb3d64adaf42466dc58fc2e36bcec3c
SHA512: 92f27ae7c6fa20951044097051a05ebdc06adfb11321f940716c4fe94b2e6ac63e4ea296f2317549aaca47d6e8623207ee967f57f9e811abae3fa8076344bbd4
SSDEEP: 24576:MygGcgjs/2ex/n6EuVh0uBZXfYGNdrST:7Cgjs/2E/nq2uvfZNdrS
Static task: static1
Behavioral task: behavioral1
Sample: 0047034ae90772403d49aa5de1041a6f9bb3d64adaf42466dc58fc2e36bcec3c.exe
Resource: win10v2004-20230703-en
Malware Config

Extracted
Family: redline
Botnet: sruta
C2: 77.91.124.82:19071
auth_value: c556edcd49703319eca74247de20c236
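Hunting helpers built from this report's IOCs, as an added example that is not part of the Triage report or of any RedLine tooling. It copies the hashes from the General section and the extracted C2 and auth_value above into a small matcher and runs it over constructed inputs: firewall log lines in an invented `ts src:port -> dst:port action` format, EDR-style file-hash records, and a byte blob standing in for a process dump. Everything other than the IOC values themselves (log format, hostnames, paths, the `find_*`/`match_*` function names) is an assumption made for the demo.

```python
import re

# IOCs copied from the report above.
SHA256 = "0047034ae90772403d49aa5de1041a6f9bb3d64adaf42466dc58fc2e36bcec3c"
SHA1 = "94852ebe01d80cb0ee62d76c0ae23dc3eb4144ef"
MD5 = "8eb730276ea7aac10a9a71c46e15fb5c"
C2_HOST = "77.91.124.82"
C2_PORT = 19071
AUTH_VALUE = "c556edcd49703319eca74247de20c236"

HASH_IOCS = {SHA256, SHA1, MD5}

# Assumed log format for the demo (not a real appliance format):
#   <ISO timestamp> <src_ip>:<src_port> -> <dst_ip>:<dst_port> <action>
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>[\d.]+):(?P<sport>\d+) -> "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) (?P<action>\w+)$"
)

# Constructed sample log lines (not real traffic).
SAMPLE_LOG = """\
2023-08-31T12:01:03Z 10.0.0.21:49712 -> 142.250.74.46:443 allow
2023-08-31T12:01:09Z 10.0.0.21:49718 -> 77.91.124.82:19071 allow
2023-08-31T12:02:44Z 10.0.0.21:49720 -> 77.91.124.82:19071 deny
2023-08-31T12:03:10Z 10.0.0.35:51002 -> 77.91.124.82:80 allow
2023-08-31T12:03:15Z 10.0.0.35:51003 -> 10.0.0.1:53 allow
this line is not in the expected format
"""


def find_c2_connections(log_text: str) -> list[dict]:
    """Return log entries that reach the RedLine C2 host.

    ip:port matches are tagged 'exact'; the same host on another port is
    tagged 'host_only' (worth a look, but the build pins the port, so treat
    it as weaker evidence). Lines that do not parse are skipped, not raised.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["dst"] != C2_HOST:
            continue
        confidence = "exact" if int(m["dport"]) == C2_PORT else "host_only"
        hits.append({"ts": m["ts"], "src": m["src"], "dport": int(m["dport"]),
                     "action": m["action"], "confidence": confidence})
    return hits


def match_hashes(records: list[dict]) -> list[dict]:
    """Return file records whose md5/sha1/sha256 equals a report hash.

    Comparison is case-insensitive because EDR exports differ in casing.
    """
    found = []
    for rec in records:
        for algo in ("md5", "sha1", "sha256"):
            value = rec.get(algo)
            if value and value.lower() in HASH_IOCS:
                found.append({**rec, "matched": algo})
                break
    return found


def find_config_strings(blob: bytes) -> dict:
    """Check a memory dump or unpacked image for the extracted C2 and auth_value.

    Both ASCII and UTF-16LE encodings are searched, since RedLine is a .NET
    binary and its strings usually sit in memory as UTF-16LE.
    """
    needles = {"c2": f"{C2_HOST}:{C2_PORT}", "auth_value": AUTH_VALUE}
    return {
        name: any(enc in blob for enc in (text.encode("ascii"), text.encode("utf-16-le")))
        for name, text in needles.items()
    }


# Constructed EDR-style file records (hostnames and paths are invented).
SAMPLE_FILES = [
    {"host": "ws-021", "path": r"C:\Users\a\Downloads\setup.exe", "sha256": SHA256.upper()},
    {"host": "ws-035", "path": r"C:\Windows\notepad.exe", "sha256": "ab" * 32},
    {"host": "ws-040", "path": r"C:\Users\b\AppData\Local\Temp\x.exe", "md5": MD5},
]

# Constructed stand-in for a .NET process dump: auth_value as UTF-16LE, C2 absent.
SAMPLE_DUMP = b"\x00" * 16 + AUTH_VALUE.encode("utf-16-le") + b"\x00" * 16

if __name__ == "__main__":
    for hit in find_c2_connections(SAMPLE_LOG):
        print("C2", hit)
    for rec in match_hashes(SAMPLE_FILES):
        print("HASH", rec["host"], rec["path"], rec["matched"])
    print("DUMP", find_config_strings(SAMPLE_DUMP))
```

The denied connection is still reported: a blocked beacon means the host is already infected, so the `action` field should drive containment, not filtering. The UTF-16LE search is what makes the dump check useful against a live RedLine process; an ASCII-only grep of the auth_value would miss it.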
Targets

Target: 0047034ae90772403d49aa5de1041a6f9bb3d64adaf42466dc58fc2e36bcec3c
Size: 930KB
- Detects Healer, an antivirus disabler dropper
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
- Boot or Logon Autostart Execution (T1547): 1, of which Registry Run Keys / Startup Folder (T1547.001): 1
- Create or Modify System Process (T1543): 1, of which Windows Service (T1543.003): 1