General
-
Target
NEAS.04a87b8f058d7530d2e2d860d9792e27ac4a33a3865644f618340a1614a011aa_JC.exe
-
Size
1.2MB
-
Sample
231007-mph7ysag9s
-
MD5
7b68089b89d04dd24d22a1332d87cf08
-
SHA1
66d956dadfe8dc098330dc3ec94a6a625c6a0462
-
SHA256
04a87b8f058d7530d2e2d860d9792e27ac4a33a3865644f618340a1614a011aa
-
SHA512
0c1e561ae6e3c4111379c19618bc871c9c12b27ea5d2ae50396682e433e8369a97577e1b5f5ee3816fd2f4dfe2d8f749261a19c4cc20d0c517edfb282b45b592
-
SSDEEP
24576:dyXzrx5oWmhku7V5d2FZ9+p3tthEEovRH3OIspEK:4XJ5oJhR0Ff+t3EEopeIw
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.04a87b8f058d7530d2e2d860d9792e27ac4a33a3865644f618340a1614a011aa_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
NEAS.04a87b8f058d7530d2e2d860d9792e27ac4a33a3865644f618340a1614a011aa_JC.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
redline
gigant
77.91.124.55:19071
Targets
-
-
Target
NEAS.04a87b8f058d7530d2e2d860d9792e27ac4a33a3865644f618340a1614a011aa_JC.exe
Score
10/10
-
Detect Mystic stealer payload
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-