General
Target: 4LH589FE.exe
Size: 459KB
Sample: 231010-frxpssbb3v
MD5: 5b250fb771820b54b7998b68630c0bd9
SHA1: f401b42cb0a2530ec2e7c8f736aa633fe9eadae0
SHA256: 9993005debbecfdec12b17824563772d25094cd5893ae9c8378a770450d8e4e4
SHA512: 77f15b5f97e572b724ea74d6a46fbb57ac04420fd4e09700f3ffddc14cb70a3fb2f3b2cbb7da602ba88778c24dc7044332eec8bb74a9aa8975ec96b86c409122
SSDEEP: 6144:+fuhebDPM4jjdpvIN8fp7z5BAOCIb5u5ErTmrKfPZ+WHrwchzpY6f8iKX0X:+fuODPjjb/4U5kErjfnH91pYE8iKkX
Static task: static1
Behavioral task: behavioral1
Sample: 4LH589FE.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 4LH589FE.exe
Resource: win10-20230831-en
Malware Config
Extracted
redline
magia
77.91.124.55:19071
Targets
Target: 4LH589FE.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext