Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
file
-
Size
310KB
-
Sample
230930-wjkm9sga28
-
MD5
65eb3f22c36f9029ad00888f82ed044c
-
SHA1
e55eefde82489f92064f486101d4679152bd4eed
-
SHA256
34bdbd14e1d6cb007b01e6c63a2657d0bfd7a1aebbde88a934e81d0ad5b4dde3
-
SHA512
3520f041842c4872e949a27f455cd1cc93ce99b4f87102260d85c2c847f681a2b0654ea97d747c8d1c177cbe4944f2706a4c037d724ace277e55ad9a670842b3
-
SSDEEP
6144:Whb1kQRrux0TLqBCXcWyIAHZj14mXzGrLKBvWjTaz18Fj:WvkQRru0XcWyIqGrLSvWDj
Static task
static1
Behavioral task
behavioral1
Sample
file.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
file.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
redline
LogsDiller Cloud (Telegram: @logsdillabot)
146.59.10.173:45035
-
auth_value
c2955ed3813a798683a185a82e949f88
Targets
-
-
Target
file
-
Size
310KB
-
MD5
65eb3f22c36f9029ad00888f82ed044c
-
SHA1
e55eefde82489f92064f486101d4679152bd4eed
-
SHA256
34bdbd14e1d6cb007b01e6c63a2657d0bfd7a1aebbde88a934e81d0ad5b4dde3
-
SHA512
3520f041842c4872e949a27f455cd1cc93ce99b4f87102260d85c2c847f681a2b0654ea97d747c8d1c177cbe4944f2706a4c037d724ace277e55ad9a670842b3
-
SSDEEP
6144:Whb1kQRrux0TLqBCXcWyIAHZj14mXzGrLKBvWjTaz18Fj:WvkQRru0XcWyIqGrLSvWDj
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-