General
Target: 0132577e4df07ffbf3ee14034deba6422ebebf6f89387cc54203bc3d19335f35
Size: 938KB
Sample: 230902-peh6bacg9t
MD5: 712dc53f8f5ce26b3ad87268c5c54e65
SHA1: ecfa8c500b07f77ca9283e77954cb337341f7393
SHA256: 0132577e4df07ffbf3ee14034deba6422ebebf6f89387cc54203bc3d19335f35
SHA512: 1029b058248160cc0c24d0c6d9f8895d10be3300a0b3fb3e79579651bdd78c9d8fde22048182530d30a24b40971f55d7d088e5d51b3b9956a8bb93da817d01ed
SSDEEP: 12288:sMrYy901kqURGhyPgvvF4UgxYDW6UsOsvfmeoR1OA3yR39cNdMc+Ckke2e0yvTO:UyOUg+UlWAeLToNWFNe2efvTO
Static task: static1
Behavioral task: behavioral1
Sample: 0132577e4df07ffbf3ee14034deba6422ebebf6f89387cc54203bc3d19335f35.exe
Resource: win10v2004-20230831-en
Malware Config
Extracted
redline
narik
77.91.124.82:19071
auth_value: 07924f5ef90576eb64faea857b8ba3e5
Targets
Target: 0132577e4df07ffbf3ee14034deba6422ebebf6f89387cc54203bc3d19335f35
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1