Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0a05ea3f0b0429c68209691009a703936a558fdde0b270366b7d4b296e2ea6e7
-
Size
412KB
-
Sample
231011-2etchage7t
-
MD5
44ac7f2fc213654a84bd9406e0ba9e2e
-
SHA1
4ccea375b1b19eb1bacf4482835b499e9cfc24d2
-
SHA256
0a05ea3f0b0429c68209691009a703936a558fdde0b270366b7d4b296e2ea6e7
-
SHA512
11bd5e56c4add6f4eb1100066588de2d0d6fc26852d508ec22553e4fc9ca2f7d48cb9875a9b6434ee1f70a5137a2f3099b102df3959eb267c041b21311d79cfc
-
SSDEEP
6144:r96hvxIcPJL8+5oprOCu5yzuAOGhr1Ld2Il85CU8MRE9Hwxqwq:r9EpIcPy+a6uu0h1Ld2IiCCawowq
Static task
static1
Behavioral task
behavioral1
Sample
0a05ea3f0b0429c68209691009a703936a558fdde0b270366b7d4b296e2ea6e7.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
0a05ea3f0b0429c68209691009a703936a558fdde0b270366b7d4b296e2ea6e7.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
redline
194.169.175.232:45451
-
auth_value
277a7742ea9b1da2a636fb11c1abcacd
Targets
-
-
Target
0a05ea3f0b0429c68209691009a703936a558fdde0b270366b7d4b296e2ea6e7
-
Size
412KB
-
MD5
44ac7f2fc213654a84bd9406e0ba9e2e
-
SHA1
4ccea375b1b19eb1bacf4482835b499e9cfc24d2
-
SHA256
0a05ea3f0b0429c68209691009a703936a558fdde0b270366b7d4b296e2ea6e7
-
SHA512
11bd5e56c4add6f4eb1100066588de2d0d6fc26852d508ec22553e4fc9ca2f7d48cb9875a9b6434ee1f70a5137a2f3099b102df3959eb267c041b21311d79cfc
-
SSDEEP
6144:r96hvxIcPJL8+5oprOCu5yzuAOGhr1Ld2Il85CU8MRE9Hwxqwq:r9EpIcPy+a6uu0h1Ld2IiCCawowq
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-