Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
Target: 78b21cae87306b40b597c02efc776c5331e3de89c9fb2b74adf60c02752ae2c9
Size: 1.0MB
Sample: 231010-zj5j8aca28
MD5: f866e8c43a85c50cc717ae40adb5cb6d
SHA1: 015f7d1090741a56bcf4179ce82b2d0f9e292ee6
SHA256: 78b21cae87306b40b597c02efc776c5331e3de89c9fb2b74adf60c02752ae2c9
SHA512: 973d56b7c06009415d96ccc7fd4012c2c8b97262bf05c22f69c2ef0161972b56abee12fd37a2c808b72e32c6d922da64c5ace3d319d9107c847f9c0b4c28628b
SSDEEP: 24576:CylZiL54xBHHS0Ay615EFKrzfOdpCidbjTRelK1:pmd7MA5EErzYpCi1ReM
Static task: static1
Behavioral task: behavioral1
  Sample: 78b21cae87306b40b597c02efc776c5331e3de89c9fb2b74adf60c02752ae2c9.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 78b21cae87306b40b597c02efc776c5331e3de89c9fb2b74adf60c02752ae2c9.exe
  Resource: win10v2004-20230915-en
Malware Config
Extracted family: redline
Botnet: luska
C2: 77.91.124.55:19071
auth_value: a6797888f51a88afbfd8854a79ac9357
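The following is an added example, not part of the tria.ge report or of tria.ge's own tooling, showing how a responder would consume the indicators above: it hashes a suspect file with all three algorithms the report lists and accepts a match only when every digest agrees, and it scans network log lines for the extracted C2 host, matching the exact address rather than a substring. The hash values and C2 endpoint are copied from the report; the file bytes and log lines are constructed so the script runs offline.

```python
"""Consume the indicators from the tria.ge report above (added example, not
part of the report or of tria.ge's own tooling).

The hash values and C2 endpoint are copied from the report; the file bytes
and log lines below are constructed so that the script runs offline.
"""
import hashlib
import re

# Indicators copied from the report.
REPORT_HASHES = {
    "md5": "f866e8c43a85c50cc717ae40adb5cb6d",
    "sha1": "015f7d1090741a56bcf4179ce82b2d0f9e292ee6",
    "sha256": "78b21cae87306b40b597c02efc776c5331e3de89c9fb2b74adf60c02752ae2c9",
}
C2_HOST = "77.91.124.55"
C2_PORT = 19071


def hash_blob(data: bytes) -> dict:
    """Return the md5/sha1/sha256 hex digests of an in-memory file."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_report(data: bytes) -> bool:
    """True only when every digest agrees with the report, so a typo in one
    copied hash (or a single-algorithm collision) cannot produce a false match."""
    digests = hash_blob(data)
    return all(digests[algo] == value for algo, value in REPORT_HASHES.items())


# Exact-IP match: the lookarounds stop 77.91.124.55 matching inside
# 177.91.124.55 or 77.91.124.550.
_C2_HOST_RE = re.compile(rf"(?<![\d.]){re.escape(C2_HOST)}(?![\d.])")
_C2_PORT_RE = re.compile(rf"(?<!\d){C2_PORT}(?!\d)")


def scan_log(lines):
    """Return (line_number, line, port_seen) for each line naming the C2 host.

    port_seen is False when the host appears with a different port; such lines
    are still reported because the address is the stronger indicator."""
    hits = []
    for number, line in enumerate(lines, start=1):
        if _C2_HOST_RE.search(line):
            hits.append((number, line.rstrip(), bool(_C2_PORT_RE.search(line))))
    return hits


# Constructed firewall/proxy records (not real telemetry). Line 2 is a decoy:
# a different address that merely contains the C2 IP as a substring.
SAMPLE_LOG = [
    "2023-10-10T10:01:02Z fw allow src=10.0.0.23 dst=77.91.124.55 proto=tcp dport=19071",
    "2023-10-10T10:01:05Z fw allow src=10.0.0.23 dst=177.91.124.55 proto=tcp dport=443",
    "2023-10-10T10:02:11Z proxy CONNECT 77.91.124.55:19071 from 10.0.0.23",
    "2023-10-10T10:03:00Z fw allow src=10.0.0.23 dst=77.91.124.55 proto=tcp dport=80",
]

if __name__ == "__main__":
    # Constructed stand-in for a suspect file; a real check reads the file's bytes.
    suspect = b"MZ\x90\x00" + b"\x00" * 60
    print("hash match:", matches_report(suspect))
    for number, line, port_seen in scan_log(SAMPLE_LOG):
        print(f"line {number}: C2 host seen, known port={port_seen}: {line}")
```

Requiring all three digests to agree costs nothing and protects against a transcription error in any one of them; matching the C2 address with lookarounds rather than a plain substring search avoids false hits on addresses such as 177.91.124.55.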
Targets
Target: 78b21cae87306b40b597c02efc776c5331e3de89c9fb2b74adf60c02752ae2c9
Score: 10/10
Signatures
- Detect Mystic stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application (persistence through a Run registry key, so the program is relaunched at logon)
- Suspicious use of SetThreadContext (an API commonly used in process hollowing and other thread-hijacking injection techniques)