General
Target: 48dc5abf242d433e67fb2282576087ac89d1873995b4dea68d055d3acb093d47
Size: 929KB
Sample: 231011-vb39zace28
MD5: 4f6bcdc8cd0bf2db7c617bf1e15ab3e3
SHA1: 9a35e82cfd978b0ca31ed66040f2249fc6209aac
SHA256: 48dc5abf242d433e67fb2282576087ac89d1873995b4dea68d055d3acb093d47
SHA512: 524e820a0e33709bcfa7f19e789be4938ff9d3eafc30f79d852ccaaa4f81feec0af5f1e168b3ef9f9f1f0a1018b8793563bbb306cd125046752dbd4528a7ad4a
SSDEEP: 24576:my7I6JpuXR1wXhb8fCV9dsiJ3BK0Qm5Rzl9AHXCx:17BU1AyCzCHQ/zHAS
Static task: static1
Behavioral task: behavioral1
Sample: 48dc5abf242d433e67fb2282576087ac89d1873995b4dea68d055d3acb093d47.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 48dc5abf242d433e67fb2282576087ac89d1873995b4dea68d055d3acb093d47.exe
Resource: win10v2004-20230915-en
Malware Config
Extracted
redline
kendo
77.91.124.82:19071
auth_value: 5a22a881561d49941415902859b51f14
Targets
Score: 10/10
- Detect Mystic stealer payload
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext