General
- Target: file
- Size: 1.3MB
- Sample: 230918-rychzscb89
- MD5: 1ce53a6aa068aee91e137ddd8dc6d205
- SHA1: 07676384b7f5ea40ee1dc628086af4bb92109101
- SHA256: 2885c075025d864d3b77b91bd576e9d5fe83070ad742f31c27acc07bd3fb9955
- SHA512: 0a9b91f38f1c3749916af5da9116fa98e6fdd7a4b8d14a53ce5ca4c968e68ba817bfc2d8535f7ff506bb44e67b0a35eb6fcd1ed4848add24dea53152829a4e72
- SSDEEP: 24576:Lg1yLp0HmYObxpsiuw/88zk7sEI5tq96:cxHmYObkYvps
Static task: static1
Behavioral task: behavioral1
- Sample: file.exe
- Resource: win7-20230831-en
Behavioral task: behavioral2
- Sample: file.exe
- Resource: win10v2004-20230915-en
Malware Config
Extracted
- redline
- 1006
- 176.123.9.142:14845
- auth_value: b5da80860b093905c2bba6f9377af704
Targets
- Target: file
- Size: 1.3MB
- MD5: 1ce53a6aa068aee91e137ddd8dc6d205
- SHA1: 07676384b7f5ea40ee1dc628086af4bb92109101
- SHA256: 2885c075025d864d3b77b91bd576e9d5fe83070ad742f31c27acc07bd3fb9955
- SHA512: 0a9b91f38f1c3749916af5da9116fa98e6fdd7a4b8d14a53ce5ca4c968e68ba817bfc2d8535f7ff506bb44e67b0a35eb6fcd1ed4848add24dea53152829a4e72
- SSDEEP: 24576:Lg1yLp0HmYObxpsiuw/88zk7sEI5tq96:cxHmYObkYvps
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Uses the VBS compiler for execution
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext