General

Target: 6236cf44c07338a74ded96c336ea4ace6ae82d27b8796bc6a046bbd4c2a5f7e7
Size: 929KB
Sample: 231011-gmtm1sfd27
MD5: 120a44c174787e2468251b13ab4bdfb9
SHA1: a19b8b24353513645712f6d8a863d4a87fdc70be
SHA256: 6236cf44c07338a74ded96c336ea4ace6ae82d27b8796bc6a046bbd4c2a5f7e7
SHA512: 036ff4f9003bc145fe8ed7336445bc61bbe6b2916851d0264adadba9f733649a774b8465b8b09fea59a6210f7388aa026a6b59b4d38ace9507cb221a15a463f7
SSDEEP: 24576:ZyiBy1sjD7ZfxQZ99PazLhvZD1J9U3q2i:MkyGXJxQZrPazFd1JO3V
Static task: static1

Behavioral task: behavioral1
Sample: 6236cf44c07338a74ded96c336ea4ace6ae82d27b8796bc6a046bbd4c2a5f7e7.exe
Resource: win7-20230831-en

Behavioral task: behavioral2
Sample: 6236cf44c07338a74ded96c336ea4ace6ae82d27b8796bc6a046bbd4c2a5f7e7.exe
Resource: win10v2004-20230915-en
Malware Config

Extracted family: redline
Botnet: luska
C2: 77.91.124.55:19071
auth_value: a6797888f51a88afbfd8854a79ac9357
Targets

Target: 6236cf44c07338a74ded96c336ea4ace6ae82d27b8796bc6a046bbd4c2a5f7e7
Size: 929KB
MD5: 120a44c174787e2468251b13ab4bdfb9
SHA1: a19b8b24353513645712f6d8a863d4a87fdc70be
SHA256: 6236cf44c07338a74ded96c336ea4ace6ae82d27b8796bc6a046bbd4c2a5f7e7
SHA512: 036ff4f9003bc145fe8ed7336445bc61bbe6b2916851d0264adadba9f733649a774b8465b8b09fea59a6210f7388aa026a6b59b4d38ace9507cb221a15a463f7
SSDEEP: 24576:ZyiBy1sjD7ZfxQZ99PazLhvZD1J9U3q2i:MkyGXJxQZrPazFd1JO3V
Score: 10/10

Signatures:
- Detect Mystic stealer payload
- RedLine (RedLine Stealer is a malware family written in C#, first appearing in early 2020.)
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext