Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
96737f712182be8dbff74b514cf8057bf540692009a7e1895626ddfe6dcb5656
-
Size
1.4MB
-
Sample
230901-cy3ylsbg3x
-
MD5
0828dae190caf564b35d342e1d0e244e
-
SHA1
6ac4d5fdb27f0dda79785a5efc98626c2cca5018
-
SHA256
96737f712182be8dbff74b514cf8057bf540692009a7e1895626ddfe6dcb5656
-
SHA512
c3861b1de7fac64157f53eb47272c99565be34f1dbd29d04a5bf48248524a46554bf69e41f0b93bf3acaa8d21aececcdcfdf14ed780b9e1f6b3bcf5ff91e2bf9
-
SSDEEP
24576:pyDjM7QXoFnKOOhiznQjyiDbfF67pLpwO39dhkGc/6o+KDw5pCO9iM6Yfj7td:cMsGKOOhiznQ+iDbf81LpdhkGg0x5pCo
Static task
static1
Behavioral task
behavioral1
Sample
96737f712182be8dbff74b514cf8057bf540692009a7e1895626ddfe6dcb5656.exe
Resource
win10-20230831-en
Malware Config
Extracted
amadey
3.87
77.91.68.18/nice/index.php
-
install_dir
b40d11255d
-
install_file
saves.exe
-
strings_key
fa622dfc42544927a6471829ee1fa9fe
Extracted
redline
jang
77.91.124.82:19071
-
auth_value
662102010afcbe9e22b13116b1c1a088
Targets
-
-
Target
96737f712182be8dbff74b514cf8057bf540692009a7e1895626ddfe6dcb5656
-
Size
1.4MB
-
MD5
0828dae190caf564b35d342e1d0e244e
-
SHA1
6ac4d5fdb27f0dda79785a5efc98626c2cca5018
-
SHA256
96737f712182be8dbff74b514cf8057bf540692009a7e1895626ddfe6dcb5656
-
SHA512
c3861b1de7fac64157f53eb47272c99565be34f1dbd29d04a5bf48248524a46554bf69e41f0b93bf3acaa8d21aececcdcfdf14ed780b9e1f6b3bcf5ff91e2bf9
-
SSDEEP
24576:pyDjM7QXoFnKOOhiznQjyiDbfF67pLpwO39dhkGc/6o+KDw5pCO9iM6Yfj7td:cMsGKOOhiznQ+iDbf81LpdhkGg0x5pCo
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-