General

Target: 19f6c3c2a3ef47c00d7ed7b6fdbcad3d4697755f747daf56384adf39ade0b8af_JC.exe
Size: 1.6MB
Sample: 231005-tsxyvaed98
MD5: 4394688b530b0877db9bb4dcefc8140a
SHA1: f4dc549c339540d793c2e6fb9cdabd3905f757ea
SHA256: 19f6c3c2a3ef47c00d7ed7b6fdbcad3d4697755f747daf56384adf39ade0b8af
SHA512: 9d08f223ab748689d83da3f82ed42a50c5b28433c6797bef633f9139db8d6371e2e9f26685e64a68c091922c68bcc6e7f8ec22212907e400a183cc815bceaaa5
SSDEEP: 49152:mF1BiGjRHglYmqdOisVhOOQ3gci462IpJOhok:u1Biq+HqdBsV4Au9UJHk
Static task
static1

Behavioral task
behavioral1
Sample: 19f6c3c2a3ef47c00d7ed7b6fdbcad3d4697755f747daf56384adf39ade0b8af_JC.exe
Resource: win7-20230831-en

Behavioral task
behavioral2
Sample: 19f6c3c2a3ef47c00d7ed7b6fdbcad3d4697755f747daf56384adf39ade0b8af_JC.exe
Resource: win10v2004-20230915-en
Malware Config

Extracted
Family: redline
Botnet: gigant
C2: 77.91.124.55:19071
Targets

Target: 19f6c3c2a3ef47c00d7ed7b6fdbcad3d4697755f747daf56384adf39ade0b8af_JC.exe
Size: 1.6MB (MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
Score: 10/10

- Detect Mystic stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application (persistence via the CurrentVersion\Run registry key)
- Suspicious use of SetThreadContext (typical of process hollowing / thread hijacking injection)
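As an added example (not part of the tria.ge report and not Triage's own signature logic), the Python below matches three of the signatures listed above and the extracted C2 against Sysmon-style events. The event records, file paths and PIDs are constructed and hypothetical; only the C2 address and the sample SHA256 come from the report. SetThreadContext is an API call with no Sysmon event, so that signature needs API-level telemetry (ETW or an EDR) and is not covered here.

```python
"""Match the tria.ge signatures above against constructed Sysmon-style events.

Added example, not tria.ge code. Event shape follows Sysmon event IDs:
1 = process create, 3 = network connect, 11 = file create, 13 = registry value set.
"""

# IOCs copied from the report above.
C2_HOST = "77.91.124.55"
C2_PORT = 19071
SAMPLE_SHA256 = "19f6c3c2a3ef47c00d7ed7b6fdbcad3d4697755f747daf56384adf39ade0b8af"
SAMPLE_NAME = SAMPLE_SHA256 + "_JC.exe"

# Case-insensitive marker for HKCU/HKLM ...\CurrentVersion\Run\<value>.
RUN_KEY_MARKER = "\\software\\microsoft\\windows\\currentversion\\run\\"

# Hypothetical paths/PIDs used by the constructed events below.
DROPPER = "C:\\Users\\u\\Desktop\\" + SAMPLE_NAME
STAGE2 = r"C:\Users\u\AppData\Local\Temp\IXP000.TMP\stage2.exe"
RUN_VALUE = r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\stage2"

# Constructed events (not taken from the sandbox run).
EVENTS = [
    {"id": 1, "pid": 4120, "image": DROPPER, "hashes": "SHA256=" + SAMPLE_SHA256},
    {"id": 11, "pid": 4120, "image": DROPPER, "target": STAGE2},
    {"id": 1, "pid": 5204, "parent_pid": 4120, "image": STAGE2, "hashes": "SHA256=00"},
    {"id": 13, "pid": 5204, "image": STAGE2, "target": RUN_VALUE, "details": STAGE2},
    {"id": 3, "pid": 5204, "image": STAGE2, "dst_ip": C2_HOST, "dst_port": C2_PORT},
    {"id": 3, "pid": 812, "image": r"C:\Windows\System32\svchost.exe",
     "dst_ip": "203.0.113.9", "dst_port": 443},
]


def sample_processes(events, sha256=SAMPLE_SHA256):
    """PIDs of processes whose Sysmon Hashes field carries the reported SHA256."""
    needle = ("SHA256=" + sha256).lower()
    return [ev["pid"] for ev in events
            if ev["id"] == 1 and needle in ev.get("hashes", "").lower()]


def dropped_exe_executions(events):
    """'Executes dropped EXE': a .exe written by one process (event 11) is later
    started as a process (event 1). Returns (dropped_path, writer_pid, new_pid)."""
    written = {}   # lower-cased path -> pid that wrote it
    hits = []
    for ev in events:
        if ev["id"] == 11 and ev["target"].lower().endswith(".exe"):
            written[ev["target"].lower()] = ev["pid"]
        elif ev["id"] == 1 and ev["image"].lower() in written:
            hits.append((ev["image"], written[ev["image"].lower()], ev["pid"]))
    return hits


def run_key_persistence(events):
    """'Adds Run key': registry value set (event 13) under ...\\CurrentVersion\\Run."""
    return [(ev["target"], ev["details"]) for ev in events
            if ev["id"] == 13 and RUN_KEY_MARKER in ev["target"].lower()]


def c2_connections(events, host=C2_HOST, port=C2_PORT):
    """Network connections (event 3) to the extracted RedLine C2 endpoint."""
    return [(ev["pid"], ev["image"]) for ev in events
            if ev["id"] == 3 and ev["dst_ip"] == host and ev["dst_port"] == port]


def triage(events):
    """Run all matchers and return their hits keyed by signature."""
    return {
        "sample_pids": sample_processes(events),
        "dropped_exe": dropped_exe_executions(events),
        "run_key": run_key_persistence(events),
        "c2": c2_connections(events),
    }


if __name__ == "__main__":
    for name, hits in triage(EVENTS).items():
        print(f"{name}: {hits}")
```

The path and hash comparisons are lower-cased because Windows paths and Sysmon hash strings are case-insensitive; the C2 match is exact on host and port, so a config with a rotated port would need a second entry rather than a looser match.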