General
-
Target
f8ad97e73a0c1549e2033862fbacb49f179c7c92e36b19a27bff0c7b275b3504
-
Size
1.1MB
-
Sample
231022-2dpypafa37
-
MD5
d31549c62f36bb6910880a4e621ec890
-
SHA1
18242b20daf81c2d9fb144c41f782ec7c53028e7
-
SHA256
f8ad97e73a0c1549e2033862fbacb49f179c7c92e36b19a27bff0c7b275b3504
-
SHA512
5b1d64b0940efe36e794235d8e4358933a56f1657d7d31a27728a8825963d4952c50e1fce84492055b573ee429b38a8b26ffb73f6d3c69d651cfbdaade571ad0
-
SSDEEP
24576:ayDqKzQ22INnFuCQJ1mSo6LHEEq7vxsPqhsHEDrEfW6C:hDBzHzDkEEi2qeHqwfW6
Static task
static1
Behavioral task
behavioral1
Sample
f8ad97e73a0c1549e2033862fbacb49f179c7c92e36b19a27bff0c7b275b3504.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
f8ad97e73a0c1549e2033862fbacb49f179c7c92e36b19a27bff0c7b275b3504.exe
Resource
win10-20231020-en
Malware Config
Extracted
redline
kukish
77.91.124.55:19071
Targets
-
-
Target
f8ad97e73a0c1549e2033862fbacb49f179c7c92e36b19a27bff0c7b275b3504
-
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-