General
Target: 18f4893f8dbb1717b4685c8646f90554.exe
Size: 910KB
Sample: 231011-nvvcvaeg22
MD5: 18f4893f8dbb1717b4685c8646f90554
SHA1: 04b0da66addf77e2d011a3cfb8999011f10fd344
SHA256: 7decb7675605f65b6adafa81ace426cffa10321bd4821225215a4ba499dce669
SHA512: 91d92b342a98a1fa7ed86a892d908c12eb8e1fec79c1747831f2484c993f536dbe3429b103d1a8c4c0245f2ed99e582726e739c97cf181830906e2b7b82e3eb8
SSDEEP: 12288:4MrFy90Gvb3A7jOpYwu8EJ2qh2RRwNen0hmkFFb1uj4UrYk0qY14qWuTD4zrqy0X:NyrzOOpYwu8EcYenuChcX1L1e6F
Static task: static1
Behavioral task: behavioral1
  Sample: 18f4893f8dbb1717b4685c8646f90554.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 18f4893f8dbb1717b4685c8646f90554.exe
  Resource: win10v2004-20230915-en
Malware Config
Extracted: redline
luate
77.91.124.55:19071
auth_value: e45cd419aba6c9d372088ffe5629308b
Targets
Target: 18f4893f8dbb1717b4685c8646f90554.exe
Score: 10/10
- Detect Mystic stealer payload
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext