Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b4cce194f3c5177774b80978aedbebcb31515f4546b49d2795678e367e95aa05
-
Size
1.1MB
-
Sample
231016-te5rjabg78
-
MD5
d3b303185713f8e3c9bb9c644eeec0a9
-
SHA1
d7215b668aeeb966fc756f7a69f201724f6f26e9
-
SHA256
b4cce194f3c5177774b80978aedbebcb31515f4546b49d2795678e367e95aa05
-
SHA512
5447af64d99dc077f1ab5b732935fecfa20ac6bc4d3622ccb357b3b270246a54e2c4a5484cbf8d0e6e22c017cbd248ca83bd3d266281f61cba358192eebef28e
-
SSDEEP
24576:nZFJWFMMh4jlauPGM1qXuC4ezHYDr1WwsMSq:nZ9Mh4jlNPToDMvcPH
Static task
static1
Behavioral task
behavioral1
Sample
b4cce194f3c5177774b80978aedbebcb31515f4546b49d2795678e367e95aa05.exe
Resource
win10v2004-20230915-en
Malware Config
Extracted
redline
Installs3000_20231016
62.72.23.19:80
Targets
-
-
Target
b4cce194f3c5177774b80978aedbebcb31515f4546b49d2795678e367e95aa05
-
Size
1.1MB
-
MD5
d3b303185713f8e3c9bb9c644eeec0a9
-
SHA1
d7215b668aeeb966fc756f7a69f201724f6f26e9
-
SHA256
b4cce194f3c5177774b80978aedbebcb31515f4546b49d2795678e367e95aa05
-
SHA512
5447af64d99dc077f1ab5b732935fecfa20ac6bc4d3622ccb357b3b270246a54e2c4a5484cbf8d0e6e22c017cbd248ca83bd3d266281f61cba358192eebef28e
-
SSDEEP
24576:nZFJWFMMh4jlauPGM1qXuC4ezHYDr1WwsMSq:nZ9Mh4jlNPToDMvcPH
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Uses the VBS compiler for execution
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-