General
Target: 40001deebcf679f212c0c7b1213c60432ac9f31217888a0791cc476b407d00b3
Size: 1.3MB
Sample: 230918-1l3dbafa89
MD5: 9edc522f25bfe83833ad86194a159f7f
SHA1: e0a58ecbc04824bef6842168ddee3d7312bb9d41
SHA256: 40001deebcf679f212c0c7b1213c60432ac9f31217888a0791cc476b407d00b3
SHA512: f61b30021f0e61db9c408522d955d9dd9be5cce1471267c8858c2b84b3d28c92740b3f16e131038a83d32f858b3a3ad586826e235e48d328987c029085e04fa4
SSDEEP: 24576:zQWR5eYC8xWOKih0psqSXidHFeTUPyoe426pAt3kHzz8rzJIf9s:r5eYC8xbKlpV2apPa+p03izg36f9s
Static task: static1
Behavioral task: behavioral1
Sample: 40001deebcf679f212c0c7b1213c60432ac9f31217888a0791cc476b407d00b3.exe
Resource: win10v2004-20230915-en
Malware Config
Extracted
redline
vasha
77.91.124.82:19071
auth_value: 42fc61786274daca54d589b85a2c1954
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext