General
Target: 387a7bd58f0df89c24c21713dbb945008952358cfba55c836cf286a2eb88b1f0
Size: 1.1MB
Sample: 231016-kdzdpaeh68
MD5: 220960c7f2a7288cce00be71725d3f2f
SHA1: 567ad208da352e57803d74fb0bf3fe581d7f76b1
SHA256: 387a7bd58f0df89c24c21713dbb945008952358cfba55c836cf286a2eb88b1f0
SHA512: 7961e7c4a02caa089276a22e6a7b75d01595e42cba34e83fe7ff9b98aa7763b3047396f384cb6621b364985856739196c695e8e101ad1b4328a871538f553dba
SSDEEP: 24576:GyOzb5t1tsnVYv42xfY2cqbJ9sD3EmuV2wDPNu:VOzb5SnVZ2xYy0omuV2wJ
Static task: static1
Behavioral task: behavioral1
Sample: 387a7bd58f0df89c24c21713dbb945008952358cfba55c836cf286a2eb88b1f0.exe
Resource: win10-20230915-en
Malware Config
Extracted
redline
kukish
77.91.124.55:19071
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext