General
Target
230e3b79f172036cc9355a1b63795803a601d9f8d70eed31fcece6b2f7cf3c52
Size
928KB
Sample
230923-q49v1afh5x
MD5
fe805e96b91b7a8ce2495aca1be1431e
SHA1
dc795b154e3c184d122c060997d8cb8ce28df821
SHA256
230e3b79f172036cc9355a1b63795803a601d9f8d70eed31fcece6b2f7cf3c52
SHA512
83eb86e1ef2c611e73cb732099465b248090b9ae3d220491a834101bcf04b4103a29e81d79559b67e8b1f6ed27203a911c2bef3c0fb579ade7054d3620bc0f94
SSDEEP
24576:Oyu8U8jCtGrHKV6vfkHR0CxD7u7dPIDp0Y5:dpjCIHKV7HRhxDE9up0
Static task
static1
Behavioral task
behavioral1
Sample
230e3b79f172036cc9355a1b63795803a601d9f8d70eed31fcece6b2f7cf3c52.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
redline
tuxiu
77.91.124.82:19071
auth_value
29610cdad07e7187eec70685a04b89fe
Targets
Target
230e3b79f172036cc9355a1b63795803a601d9f8d70eed31fcece6b2f7cf3c52
Score
10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext