General

Target: 598471c286035cefc0e31d3a3f7626e6842d05497155eba7b1483f8a08862b17
Size: 1.6MB
Sample: 231004-s2tgcacg6y
MD5: 779291f87592584538220c5287542ca0
SHA1: f2e415566f1896f2eb39d0dc80d8d72dcae9ed36
SHA256: 598471c286035cefc0e31d3a3f7626e6842d05497155eba7b1483f8a08862b17
SHA512: 7a79d2d2b813468470dd2f4c9813f59d8949d11587ad11523212a3d503038cc3c2af56f4cf850e2875fce8f89f30b6ec66a2d0fd68996ce46de3158e9e31421d
SSDEEP: 49152:Bplchvxx63aes4b+Yv/bbFugBbpV10wdHmBly:7lchvxxwDXXbbdFV10wU
Static task: static1
Behavioral task: behavioral1
Sample: 598471c286035cefc0e31d3a3f7626e6842d05497155eba7b1483f8a08862b17.exe
Resource: win10v2004-20230915-en
Malware Config

Extracted: redline
Botnet: gigant
C2: 77.91.124.55:19071
Targets

Target: 598471c286035cefc0e31d3a3f7626e6842d05497155eba7b1483f8a08862b17 (1.6MB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values listed under General)
Score: 10/10
- Detect Mystic stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext
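The report above gives two kinds of indicators worth operationalising: the extracted C2 endpoint (77.91.124.55:19071) and the file hashes of the sample. The following Python is an added example, not part of the Triage report or of any Triage tooling, showing how to hunt for both in log data and how to turn the C2 into a Suricata rule. The Zeek conn.log-style and Sysmon-style lines are constructed for the example (they include two near misses, 177.91.124.55 and port 1907, to show why the host and port must be compared as parsed fields rather than as substrings), the hostnames and paths are made up, and the Suricata SID is a local-range placeholder.

```python
"""Hunt for this report's indicators in constructed log data (added example)."""
from __future__ import annotations

import re

# Indicators copied from the Triage report.
C2_HOST = "77.91.124.55"
C2_PORT = 19071
SAMPLE_HASHES = {
    "md5": "779291f87592584538220c5287542ca0",
    "sha1": "f2e415566f1896f2eb39d0dc80d8d72dcae9ed36",
    "sha256": "598471c286035cefc0e31d3a3f7626e6842d05497155eba7b1483f8a08862b17",
}

# Constructed Zeek conn.log-style records (tab-separated):
# ts, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto.
# The last two lines are deliberate near misses: a different host that merely
# contains the C2 address as a substring, and the right host on a different port.
CONN_LOG = """\
1696406400.120000\t10.0.0.23\t49812\t77.91.124.55\t19071\ttcp
1696406401.551000\t10.0.0.23\t49813\t142.250.74.46\t443\ttcp
1696406402.003000\t10.0.0.41\t51022\t77.91.124.55\t19071\ttcp
1696406403.770000\t10.0.0.52\t51090\t177.91.124.55\t19071\ttcp
1696406404.000000\t10.0.0.52\t51091\t77.91.124.55\t1907\ttcp
"""

# Constructed Sysmon-style process creation events, one per line. Sysmon emits
# digests in upper case, so the comparison below is case-insensitive. The
# hostnames and image paths are made up; the placeholder zero digests on the
# second line represent an unrelated binary.
PROC_LOG = """\
host=WS-023 Image=C:\\Users\\a\\AppData\\Local\\Temp\\setup.exe Hashes=MD5=779291F87592584538220C5287542CA0,SHA256=598471C286035CEFC0E31D3A3F7626E6842D05497155EBA7B1483F8A08862B17
host=WS-041 Image=C:\\Windows\\System32\\svchost.exe Hashes=MD5=00000000000000000000000000000000,SHA256=0000000000000000000000000000000000000000000000000000000000000000
host=WS-077 Image=C:\\Users\\b\\Downloads\\update.exe Hashes=SHA1=f2e415566f1896f2eb39d0dc80d8d72dcae9ed36
"""


def find_c2_connections(conn_log: str) -> list[str]:
    """Return the originating hosts that connected to exactly C2_HOST:C2_PORT over TCP."""
    hits: list[str] = []
    for line in conn_log.splitlines():
        if not line.strip():
            continue
        _ts, orig_h, _orig_p, resp_h, resp_p, proto = line.split("\t")
        # Compare parsed fields, never substrings: 177.91.124.55 and port 1907 must not match.
        if resp_h == C2_HOST and int(resp_p) == C2_PORT and proto == "tcp":
            hits.append(orig_h)
    return hits


def find_hash_hits(proc_log: str) -> list[tuple[str, str]]:
    """Return (host, algorithm) pairs whose Hashes field carries one of the sample's digests."""
    hits: list[tuple[str, str]] = []
    for line in proc_log.splitlines():
        host_m = re.search(r"\bhost=(\S+)", line)
        hashes_m = re.search(r"\bHashes=(\S+)", line)
        if not (host_m and hashes_m):
            continue
        for item in hashes_m.group(1).split(","):
            alg, _, digest = item.partition("=")
            if SAMPLE_HASHES.get(alg.lower()) == digest.lower():
                hits.append((host_m.group(1), alg.lower()))
    return hits


def suricata_rule(sid: int = 1000001) -> str:
    """Render a Suricata rule for outbound traffic to the C2 endpoint.

    The SID sits in the 1000000-1999999 local-use range and is a placeholder.
    """
    return (
        f"alert tcp $HOME_NET any -> {C2_HOST} {C2_PORT} "
        f'(msg:"RedLine C2 {C2_HOST}:{C2_PORT} (botnet gigant)"; '
        f"flow:to_server,established; classtype:trojan-activity; sid:{sid}; rev:1;)"
    )


if __name__ == "__main__":
    print("C2 connections from:", find_c2_connections(CONN_LOG))
    print("Hash matches:", find_hash_hits(PROC_LOG))
    print(suricata_rule())
```

Run stand-alone, the script flags 10.0.0.23 and 10.0.0.41 (the two real C2 connections), ignores the two near misses, matches WS-023 on MD5 and SHA256 and WS-077 on SHA1, and prints the rule. Hash matching on the dropped executable is only useful until the operator repacks the sample; the C2 host:port tends to survive repacking longer, so it is the more durable of the two indicators here.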