General
Target: 1de12a587c6d4f57d5364f17691d31c3830e8a875db9a2d53dccaa45a4406336
Size: 1.5MB
Sample: 231022-ssyppsab8t
MD5: 4054fba7471c2b12bdc7734496b35b8c
SHA1: a892583c5167284284decc47a18f0d978be1d2e7
SHA256: 1de12a587c6d4f57d5364f17691d31c3830e8a875db9a2d53dccaa45a4406336
SHA512: 953ed9161c16bfe1f59e03f0f5e474aaf33f4985b35e0af1017dad8688f5b0c884de58beb08515bcf6ed1f7727d46876c1e8825daa9ac3e6f90a36a43ba5dbaa
SSDEEP: 24576:OyITqiftF4wBvuikVcdwo/nEvFerlRLaG5sofeNMjoCLDNG9I5Z+jQgpO45SF9Y/:dITqiff4wBvFkz7QrfaG5sRNMNpmH84z
Static task: static1
Behavioral task: behavioral1
Sample: 1de12a587c6d4f57d5364f17691d31c3830e8a875db9a2d53dccaa45a4406336.exe
Resource: win10v2004-20231020-en
Malware Config
Extracted
Family: redline
Botnet: kinder
C2: 109.107.182.133:19084
Targets
Target: 1de12a587c6d4f57d5364f17691d31c3830e8a875db9a2d53dccaa45a4406336 (same file as in General above; MD5, SHA1, SHA256, SHA512 and SSDEEP identical)
Size: 1.5MB
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures:
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application (persistence via a ...\CurrentVersion\Run value)
- Suspicious use of SetThreadContext (API commonly used for process hollowing and thread hijacking)
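The signatures above describe observable host and network behaviour that a responder can hunt for on endpoints. The following is an added example, not part of the tria.ge report or of any RedLine tooling: it matches Sysmon-style events against three of the reported behaviours (dropped EXE executed, Run key added, connection to the extracted C2 109.107.182.133:19084). The events are constructed for illustration; the process names, the Temp path and the SID are assumptions, not observations from this sample. SetThreadContext is an API-level indicator the sandbox sees by hooking; it is not visible in Sysmon and is therefore not covered here.

```python
"""Match Sysmon-style events against behaviours from the RedLine report.

Added example (not from the tria.ge report). Field names follow Sysmon
(Image, TargetFilename, TargetObject, DestinationIp, DestinationPort);
the events themselves are constructed and the paths are assumptions.
"""
import re
from typing import Dict, Iterable, List

# Indicator taken from the report's extracted config (family redline, botnet kinder).
REDLINE_C2 = ("109.107.182.133", 19084)

# Run / RunOnce under any hive prefix Sysmon may emit (HKU\<SID>\..., HKLM\...).
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE
)

# Sample file name from the report; the directory is an assumption.
SAMPLE_IMAGE = (r"C:\Users\victim\Desktop\1de12a587c6d4f57d5364f17691d31c3830e8a875db9a2d53dccaa45a4406336.exe")
DROPPED_IMAGE = r"C:\Users\victim\AppData\Local\Temp\stage2.exe"  # assumed name

# Constructed events. Sysmon IDs: 1 process create, 3 network, 11 file create, 13 registry set.
SAMPLE_EVENTS: List[Dict] = [
    {"EventID": 1, "Image": SAMPLE_IMAGE, "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 11, "Image": SAMPLE_IMAGE, "TargetFilename": DROPPED_IMAGE},
    {"EventID": 1, "Image": DROPPED_IMAGE, "ParentImage": SAMPLE_IMAGE},
    {"EventID": 13, "Image": DROPPED_IMAGE,
     "TargetObject": r"HKU\S-1-5-21-1\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": DROPPED_IMAGE},
    {"EventID": 3, "Image": DROPPED_IMAGE,
     "DestinationIp": "109.107.182.133", "DestinationPort": 19084},
    # Benign noise: a connection that must not match the C2 rule.
    {"EventID": 3, "Image": r"C:\Windows\System32\svchost.exe",
     "DestinationIp": "13.107.4.50", "DestinationPort": 80},
]


def detect(events: Iterable[Dict]) -> Dict[str, List[str]]:
    """Return signature name -> evidence strings for each behaviour that fired.

    Executes dropped EXE: a process create whose Image was the TargetFilename of an
    earlier file-create event (the file was written, then run, in the same run).
    Adds Run key: a registry value set under a Run/RunOnce key.
    RedLine C2 contact: a network connection to the extracted host:port.
    """
    hits: Dict[str, List[str]] = {
        "Executes dropped EXE": [],
        "Adds Run key to start application": [],
        "RedLine C2 contact": [],
    }
    dropped = set()  # lower-cased paths of files written so far
    for ev in events:
        eid = ev.get("EventID")
        if eid == 11:
            dropped.add(ev["TargetFilename"].lower())
        elif eid == 1:
            image = ev.get("Image", "")
            if image.lower() in dropped:
                hits["Executes dropped EXE"].append(f"{ev.get('ParentImage')} -> {image}")
        elif eid == 13:
            target = ev.get("TargetObject", "")
            if RUN_KEY_RE.search(target):
                hits["Adds Run key to start application"].append(f"{target} = {ev.get('Details')}")
        elif eid == 3:
            dest = (ev.get("DestinationIp"), ev.get("DestinationPort"))
            if dest == REDLINE_C2:
                hits["RedLine C2 contact"].append(f"{ev.get('Image')} -> {dest[0]}:{dest[1]}")
    return hits


def fired_count(hits: Dict[str, List[str]]) -> int:
    """Number of distinct signatures with at least one piece of evidence."""
    return sum(1 for evidence in hits.values() if evidence)


if __name__ == "__main__":
    result = detect(SAMPLE_EVENTS)
    for name, evidence in result.items():
        print(f"[{'HIT' if evidence else ' - '}] {name}")
        for line in evidence:
            print(f"       {line}")
    print(f"{fired_count(result)} of {len(result)} signatures fired")
```

The "dropped then executed" rule deliberately keys on file-create events seen earlier in the same event stream rather than on a directory allowlist, which is also how the sandbox signature is defined; feed it events in chronological order.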