Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c33db0df2a0ba843176dfaf8a0277f9e3640056dd9539d56103929bc46b9bf08
-
Size
930KB
-
Sample
230901-fvyfhach56
-
MD5
4eed99a25e71ac5564127defdb2ba0d4
-
SHA1
96e7d6aabe5dd29ccc47b92038b50fd2f1a04bf2
-
SHA256
c33db0df2a0ba843176dfaf8a0277f9e3640056dd9539d56103929bc46b9bf08
-
SHA512
c34447641117c72c9ca9581485a8ea11a3f2f5c210fb404063b46a9027628059865ebcf3025fd4c371b2634998bfc6931a0c216b324a03cf5c789e43669bb2ca
-
SSDEEP
24576:ByXAxGYxE5zFEBeBX8PMIVQh0yoxhDPOB3G5t:0XJYxiFEeX8PpTN5Wc5
Static task
static1
Behavioral task
behavioral1
Sample
c33db0df2a0ba843176dfaf8a0277f9e3640056dd9539d56103929bc46b9bf08.exe
Resource
win10v2004-20230831-en
Malware Config
Extracted
redline
jang
77.91.124.82:19071
-
auth_value
662102010afcbe9e22b13116b1c1a088
Targets
-
-
Target
c33db0df2a0ba843176dfaf8a0277f9e3640056dd9539d56103929bc46b9bf08
-
Size
930KB
-
MD5
4eed99a25e71ac5564127defdb2ba0d4
-
SHA1
96e7d6aabe5dd29ccc47b92038b50fd2f1a04bf2
-
SHA256
c33db0df2a0ba843176dfaf8a0277f9e3640056dd9539d56103929bc46b9bf08
-
SHA512
c34447641117c72c9ca9581485a8ea11a3f2f5c210fb404063b46a9027628059865ebcf3025fd4c371b2634998bfc6931a0c216b324a03cf5c789e43669bb2ca
-
SSDEEP
24576:ByXAxGYxE5zFEBeBX8PMIVQh0yoxhDPOB3G5t:0XJYxiFEeX8PpTN5Wc5
-
Detects Healer an antivirus disabler dropper
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1