General

Target: 75bc651b81daed0a35e1587e59c867610a31cb3e0b8423325e0322739a6fb2b5
Size: 1.1MB
Sample: 231011-kgmt3abe6s
MD5: 4d4ab373da2d7170b2ebb5789fe1b8c5
SHA1: a67d00f36345463fb8c2f30596ef601b620f7683
SHA256: 75bc651b81daed0a35e1587e59c867610a31cb3e0b8423325e0322739a6fb2b5
SHA512: 83f84d41d7de0849d0fdaccca78c384cffa4fb679659dec4c65b285f3d592898ad16d77ef7fbebedf5525cd5a233a4a517363989a2743dbccd564c668ade2242
SSDEEP: 24576:nyljaxBG7KCicvm+3Vg9DZcCXKwvbOOtNXM84V519rtf:yljabG7KCflg9DZFvbjtNa59R
Tasks

Static task: static1

Behavioral task: behavioral1
Sample: 75bc651b81daed0a35e1587e59c867610a31cb3e0b8423325e0322739a6fb2b5.exe
Resource: win7-20230831-en

Behavioral task: behavioral2
Sample: 75bc651b81daed0a35e1587e59c867610a31cb3e0b8423325e0322739a6fb2b5.exe
Resource: win10v2004-20230915-en
Malware Config (extracted)

Family: redline
Botnet: luate
C2: 77.91.124.55:19071
auth_value: e45cd419aba6c9d372088ffe5629308b
Targets

Target: 75bc651b81daed0a35e1587e59c867610a31cb3e0b8423325e0322739a6fb2b5 (size and hashes as listed under General above)
Score: 10/10

Signatures:
- Detect Mystic stealer payload
- RedLine (RedLine Stealer is a malware family written in C#, first appearing in early 2020.)
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext