General
- Target: e8bf7b5c22a787af15a42638894b8f1eccc3320134f42f09939f4932df0cc796
- Size: 1.2MB
- Sample: 231006-1wnmxaad68
- MD5: ed974ae3de86c69a6f5c807463948ccb
- SHA1: 769f8bd5816eed350070769627d06525f76f12f8
- SHA256: e8bf7b5c22a787af15a42638894b8f1eccc3320134f42f09939f4932df0cc796
- SHA512: 36e359c4e8003aa0cb67c86c9726672746d9f8183e8dc02a8d66f6c3368a9d395c04e381c5d1c2c51bdc6f7264dfb29e6736513c1538717218e2c4eef37a5708
- SSDEEP: 24576:fyeUyRGbDVQC1PTwuV1ceIL7iVJp81sv7xl5of92:qouCCtTwuV1e7ibplCf
Static task: static1
Behavioral task: behavioral1
- Sample: e8bf7b5c22a787af15a42638894b8f1eccc3320134f42f09939f4932df0cc796.exe
- Resource: win10v2004-20230915-en
Malware Config
- Extracted: redline
- gigant
- 77.91.124.55:19071
Targets
- Target: e8bf7b5c22a787af15a42638894b8f1eccc3320134f42f09939f4932df0cc796
- Size: 1.2MB
- MD5: ed974ae3de86c69a6f5c807463948ccb
- SHA1: 769f8bd5816eed350070769627d06525f76f12f8
- SHA256: e8bf7b5c22a787af15a42638894b8f1eccc3320134f42f09939f4932df0cc796
- SHA512: 36e359c4e8003aa0cb67c86c9726672746d9f8183e8dc02a8d66f6c3368a9d395c04e381c5d1c2c51bdc6f7264dfb29e6736513c1538717218e2c4eef37a5708
- SSDEEP: 24576:fyeUyRGbDVQC1PTwuV1ceIL7iVJp81sv7xl5of92:qouCCtTwuV1e7ibplCf
- Score: 10/10
- Detect Mystic stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext