Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
1b3965a832f82cd3387c49ff87394ce8bceb3ac922ecbbb20155cac9aae014b4
-
Size
1.1MB
-
Sample
231022-17xd7ada2v
-
MD5
726211d761490028db412b94f41560cd
-
SHA1
35e2eaa4aef889f7ed15ba77c7a06790e983a507
-
SHA256
1b3965a832f82cd3387c49ff87394ce8bceb3ac922ecbbb20155cac9aae014b4
-
SHA512
290d47a1f42171474266fb2626ee9b0b02a81d337ccdbfd74355fe86c089fe4d8b63f7b804fe16ed0fed5ac27dcec2460ca13e91b252a399509d04bdd5da8abc
-
SSDEEP
24576:ey95/7BePPX9rVOgu6sz8O2K8UZhPfZnrwdidLlhl+2fYe:t9VEP1xOLP6SPWEHlTf
Static task
static1
Behavioral task
behavioral1
Sample
1b3965a832f82cd3387c49ff87394ce8bceb3ac922ecbbb20155cac9aae014b4.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
1b3965a832f82cd3387c49ff87394ce8bceb3ac922ecbbb20155cac9aae014b4.exe
Resource
win10-20231020-en
Malware Config
Extracted
redline
kukish
77.91.124.55:19071
Targets
-
-
Target
1b3965a832f82cd3387c49ff87394ce8bceb3ac922ecbbb20155cac9aae014b4
-
Size
1.1MB
-
MD5
726211d761490028db412b94f41560cd
-
SHA1
35e2eaa4aef889f7ed15ba77c7a06790e983a507
-
SHA256
1b3965a832f82cd3387c49ff87394ce8bceb3ac922ecbbb20155cac9aae014b4
-
SHA512
290d47a1f42171474266fb2626ee9b0b02a81d337ccdbfd74355fe86c089fe4d8b63f7b804fe16ed0fed5ac27dcec2460ca13e91b252a399509d04bdd5da8abc
-
SSDEEP
24576:ey95/7BePPX9rVOgu6sz8O2K8UZhPfZnrwdidLlhl+2fYe:t9VEP1xOLP6SPWEHlTf
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-