General
Target: 14e66789ed13e60a8e16aae8f6f50b6c26466b75bdef72c289d22514720fa22f
Size: 1.0MB
Sample: 230902-tm77maea7w
MD5: 9a3c2eed6740ec94af81160a13bd1332
SHA1: 7d42e79b6b0f490d78edb39b29014118c6c9f839
SHA256: 14e66789ed13e60a8e16aae8f6f50b6c26466b75bdef72c289d22514720fa22f
SHA512: b9c15ca26ca2b10ce11b5f90c5eb515cf758e51908e9fe2acabb1edb554d912a009eb0fdb14a723d01a9769e618b907701fe85f4cd677fa20f3ce6f8ea1d1deb
SSDEEP: 24576:IydHObmPPxVlJZBvvNXqF/h0EqJFnz0FvOh7T9R+QN:PdHOqPxVlnRv5qnjqXz0FvOh7JR+Q
Static task: static1
Behavioral task: behavioral1
Sample: 14e66789ed13e60a8e16aae8f6f50b6c26466b75bdef72c289d22514720fa22f.exe
Resource: win10v2004-20230831-en
Malware Config
Extracted
redline
narik
77.91.124.82:19071
auth_value: 07924f5ef90576eb64faea857b8ba3e5
Targets
Target: 14e66789ed13e60a8e16aae8f6f50b6c26466b75bdef72c289d22514720fa22f
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)