Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3210ceac280157198acb7c5ccc7c662dc10bdcd03ad5e236a3cb478742d62ee6
-
Size
1.5MB
-
Sample
231023-bzm34sfd94
-
MD5
1a06a2142f4f3f33290bf18e16530dd8
-
SHA1
031ab05e5cf071bb72e8bf99362b878af632dfc8
-
SHA256
3210ceac280157198acb7c5ccc7c662dc10bdcd03ad5e236a3cb478742d62ee6
-
SHA512
f6f2ba1fda04ef11ffadc46f6c0a927e6538cafa1c8cab65825cd86eff98d0d1ad244d613c131f809402d39c6437be1229a31fafd43cb755dea894064242922b
-
SSDEEP
24576:8y2kyDFIjMAaKNf9L5olCdfc1W9plr9jntnWyHg6O:rEF0zbClCtZrBtrHg
Static task
static1
Behavioral task
behavioral1
Sample
3210ceac280157198acb7c5ccc7c662dc10bdcd03ad5e236a3cb478742d62ee6.exe
Resource
win10v2004-20231020-en
Malware Config
Extracted
redline
kinder
109.107.182.133:19084
Targets
-
-
Target
3210ceac280157198acb7c5ccc7c662dc10bdcd03ad5e236a3cb478742d62ee6
-
Size
1.5MB
-
MD5
1a06a2142f4f3f33290bf18e16530dd8
-
SHA1
031ab05e5cf071bb72e8bf99362b878af632dfc8
-
SHA256
3210ceac280157198acb7c5ccc7c662dc10bdcd03ad5e236a3cb478742d62ee6
-
SHA512
f6f2ba1fda04ef11ffadc46f6c0a927e6538cafa1c8cab65825cd86eff98d0d1ad244d613c131f809402d39c6437be1229a31fafd43cb755dea894064242922b
-
SSDEEP
24576:8y2kyDFIjMAaKNf9L5olCdfc1W9plr9jntnWyHg6O:rEF0zbClCtZrBtrHg
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-