General
-
Target
076a9bc34906773ee8b5f6f94c661689c89dab51d9b8a36d326dab9bf14f23f4
-
Size
1.0MB
-
Sample
230922-e7874aeh94
-
MD5
0b61e85d556a316b061e77777a13e5e8
-
SHA1
cc6cf74bf165fcd0658d549c33e5894eee9473b0
-
SHA256
076a9bc34906773ee8b5f6f94c661689c89dab51d9b8a36d326dab9bf14f23f4
-
SHA512
d4f54a8717cb143e191f8dd7f2fb9e2d18e9aae38b08059d26cc008387efa3cf896b7fccf6e94517776f3f3a4c2b9949b80faa6982990f2325ee297ceb2c0ffd
-
SSDEEP
24576:ayAPspQvmBtZ+0RxLseV0ehY7b1ZeKYM6Y0j:hxp60MUZtUNZeKDR
Static task
static1
Behavioral task
behavioral1
Sample
076a9bc34906773ee8b5f6f94c661689c89dab51d9b8a36d326dab9bf14f23f4.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
redline
tuxiu
77.91.124.82:19071
-
auth_value
29610cdad07e7187eec70685a04b89fe
Targets
-
-
Target
076a9bc34906773ee8b5f6f94c661689c89dab51d9b8a36d326dab9bf14f23f4
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-