General
Target: fd44ef579f043b7834514c5978f93e25.bin
Size: 215KB
Sample: 231023-mf4sasfg4t
MD5: 26d6b8d62f6b5f0eccd73596f8b0ffc1
SHA1: 166e9cb1bbe82d7a4590c458cf7cf33721d8a0c4
SHA256: 81eee9f9c6f48ac62aa3a87db3592a77cf67f5ea47044d59c3bc4d172aed5ed4
SHA512: aa3aded047d166cda7d0682e7d8bc79e195dec31c244ca1d1e07a112f6940fd87dc3361c7a4a2d53742064a96b91b31276123b4f265ef10b9fa618159ca5a3ee
SSDEEP: 6144:Hh3CK2P1Iexuoi+IZjz6oGok66OhtijDBSG5neHRq+k6:BSK2NIecoxGjRgROh8roHg+k6
Static task: static1
Behavioral task: behavioral1
Sample: f15baee0f06e5af8b5895b57578c1c15649d95ade9e80d6a06c0ebdc57159e59.exe
Resource: win7-20231020-en
Behavioral task: behavioral2
Sample: f15baee0f06e5af8b5895b57578c1c15649d95ade9e80d6a06c0ebdc57159e59.exe
Resource: win10v2004-20231020-en
Malware Config
Targets
Target: f15baee0f06e5af8b5895b57578c1c15649d95ade9e80d6a06c0ebdc57159e59.exe
Size: 496KB
MD5: fd44ef579f043b7834514c5978f93e25
SHA1: 6f35184b825c03945d485a2cd9d69eb117ab181f
SHA256: f15baee0f06e5af8b5895b57578c1c15649d95ade9e80d6a06c0ebdc57159e59
SHA512: 312a5f99587b0e92055fd1e9091e1702e3f9886e973541ccd7a77a5b5d563d5403881822bdc8a18be00f68122873472b402a356fee1c47fcde94c094ae2c7e5f
SSDEEP: 12288:J8k8MroQB2o97Hr62k3n/+pLsv9+eXUeF6e1L:KMroQkAr62k3n/+pAv+enL
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.