General
- Target: cd7d898a13d74fb5d08840c2c49e6ad2b9a0af5e86d8fc96c480dce5797d704a
- Size: 1.5MB
- Sample: 231004-c16ghsae37
- MD5: 83a944e4466559fe02adc1fce5ba69c7
- SHA1: 4b52b8b1ab4c525a9d5fd9ad8127f5ac12d6bb62
- SHA256: cd7d898a13d74fb5d08840c2c49e6ad2b9a0af5e86d8fc96c480dce5797d704a
- SHA512: 325cb8aa7b527288ce9b8a27d79a1dd1e98cfab0ef56233a722d62f733b1f37ddb287e1940dc89716ea7f40bd8920b6399956e6e969cbce3042b63984fcef510
- SSDEEP: 24576:eyGUpcIUOcCC20KQI5UNH40kiBZpDKxEr0tptyusfVn5r2:tGU6OERKDIY4+e4rgV
Static task: static1
Behavioral task: behavioral1
- Sample: cd7d898a13d74fb5d08840c2c49e6ad2b9a0af5e86d8fc96c480dce5797d704a.exe
- Resource: win10v2004-20230915-en
Malware Config
- Extracted family: redline
- Botnet: gigant
- C2: 77.91.124.55:19071
Targets
- Target: cd7d898a13d74fb5d08840c2c49e6ad2b9a0af5e86d8fc96c480dce5797d704a
- Score: 10/10
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext