General
Target: 4894998a92beaa8ca1a10cac3d3b41a4188056bfff1a5d0f8e431fbdd0bd9e4d
Size: 1.0MB
Sample: 231012-hlctjsce6w
MD5: 55ef1e5fe8a3967f3e63185b55755b6d
SHA1: 1371600fa4621f25003d0b4bc57519849d6dea2f
SHA256: 4894998a92beaa8ca1a10cac3d3b41a4188056bfff1a5d0f8e431fbdd0bd9e4d
SHA512: fb34a2f44332d6cac21e6c905bb13e6372fcced8f382f0ddd52cf89a720b837a630e9190bb1df0b35b2a64f28ef805acd125ad1e369f69f378df22796a13350f
SSDEEP: 24576:yyv3i+VoE7b6Zo61kUvOu6U2SzX7BzKBtntR6ms4u:Z/Db6v2u6UDzX7BzKBd6mv
Static task: static1
Behavioral task: behavioral1
  Sample: 4894998a92beaa8ca1a10cac3d3b41a4188056bfff1a5d0f8e431fbdd0bd9e4d.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 4894998a92beaa8ca1a10cac3d3b41a4188056bfff1a5d0f8e431fbdd0bd9e4d.exe
  Resource: win10v2004-20230915-en
Malware Config
Extracted: redline
tuxiu
77.91.124.82:19071
auth_value: 29610cdad07e7187eec70685a04b89fe
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Suspicious use of SetThreadContext