General
-
Target
file.exe
-
Size
1.0MB
-
Sample
230920-mwnq1sfg9t
-
MD5
c44085d4f410b0335bfd853629159a98
-
SHA1
6de766aca6eea98ddd1ac940c8110ef83c6df94b
-
SHA256
63cebbe380cf99272e0d8eb7a3ed9b84633a3eaa048484ab83019b570e711383
-
SHA512
2cbb0d64464c56fdaae34f77a2eb0f624b5ce7eb5c558d8d9104e1ae7d79f18bd1405bacca33737213ea37bc715c51629fd67a5ae3cea705f82800ea6f419d14
-
SSDEEP
12288:AsDd2dAHOvLBwvJ5ykrqJd0YSFYvtZ4tGxHXm0luGwGKblxzxDBA4Aa5ou:1J2dAHOvLBwvjYSIYkX4lfd75B
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
redline
smokiez
194.169.175.232:45450
-
auth_value
7b7d8a036038ab89b98f422d559b4f8f
Targets
-
-
Target
file.exe
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-