General
Target: 458aeb444a66350118741f27c1f40bf4
Size: 650KB
Sample: 230910-qw1x5ahd7y
MD5: 458aeb444a66350118741f27c1f40bf4
SHA1: ca48d6c3dd2a2887dcd203c6207a024396cc5039
SHA256: 752823538da4481a5c018b006e45632bac790df88df756c6a54291981d953983
SHA512: 18fa28bc0a5f4d65c86f5db4bf81e799c1f076008504bf0d113af4bca81e03943939ce58c2d61ed3e3f739cf8a69b134699aec4ad083ff8c1003760708fa718a
SSDEEP: 12288:hMrDy90Y5z/zy4NBqp6s3tvim9f5b2pzNr+cG/AsitfYco:6yZpLyOBA6kvim9R2phL1fu
Static task: static1
Behavioral task: behavioral1
Sample: 458aeb444a66350118741f27c1f40bf4.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 458aeb444a66350118741f27c1f40bf4.exe
Resource: win10v2004-20230831-en
Malware Config
Extracted
redline
virad
77.91.124.82:19071
auth_value: 434dd63619ca8bbf10125913fb40ca28
Targets
Target: 458aeb444a66350118741f27c1f40bf4
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory