General
- Target: 86e702a3bf11baf010d534dcf0b72e7580961f4319c0065638a37016d6f2d200
- Size: 1.7MB
- Sample: 231024-j6bbwsdd93
- MD5: c4c2833e658da2e7a1fdf8b49900fd83
- SHA1: 515d96a946a367b0f2c0d9e5ffa135598050b037
- SHA256: 86e702a3bf11baf010d534dcf0b72e7580961f4319c0065638a37016d6f2d200
- SHA512: 37ea8078e74c9c9fcfe81eec51f5b4388005e5c87d42286ef74a55620a5c44bb16e994cf6113491ebcbb0778e524c1daea23458dde1258cfac5c0cbdbc731608
- SSDEEP: 49152:R08tb0VXXFbuYs8W8D2m+ph8P5ypmp6wY:NboXFbtoO2mcioAm
Static task: static1
Behavioral task: behavioral1
- Sample: 86e702a3bf11baf010d534dcf0b72e7580961f4319c0065638a37016d6f2d200.exe
- Resource: win10-20231020-en
Malware Config
Extracted
- Family: redline
- Botnet: kinza
- C2: 77.91.124.86:19084
Targets
- Target: 86e702a3bf11baf010d534dcf0b72e7580961f4319c0065638a37016d6f2d200 (1.7MB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application (persistence: an autorun value under a CurrentVersion\Run key, so the dropped executable restarts at logon)
- Suspicious use of SetThreadContext (typical of process hollowing: a suspended process is created, its memory replaced, and its thread context redirected to the injected payload)
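The indicators above (file hashes, the extracted C2 endpoint, and the Run-key persistence signature) are the parts of this report a responder would feed straight into a hunt. The following is an added example, not tria.ge code: a small Python matcher that looks for those indicators in Zeek-style connection records, flattened Sysmon Event ID 13 (registry value set) records, and a file-hash inventory. The IOC values are copied from the report; every log line, host, user and path is constructed for the demo. The SetThreadContext signature is not covered because it is only observable at the API-trace level, not in these log sources.

```python
"""Hunt host and network logs for the IOCs from this tria.ge RedLine report.

Added example, not tria.ge's own code. IOC values come from the report;
the sample log lines (hosts, users, paths) are constructed for the demo.
"""
import re

# Indicators copied from the report.
IOC_HASHES = {
    "md5": "c4c2833e658da2e7a1fdf8b49900fd83",
    "sha1": "515d96a946a367b0f2c0d9e5ffa135598050b037",
    "sha256": "86e702a3bf11baf010d534dcf0b72e7580961f4319c0065638a37016d6f2d200",
}
C2_HOST, C2_PORT = "77.91.124.86", 19084

# Registry paths behind the "Adds Run key to start application" signature.
RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?\\", re.IGNORECASE)

# Splits "Key=value Key2=value with spaces" into a dict (flattened Sysmon record).
KV_RE = re.compile(r"(\w+)=(.*?)(?= \w+=|$)")

# Constructed sample input: one C2 connection, one benign connection, one
# Run-key write by a dropped EXE, one benign registry write, one hash hit.
SAMPLE_LOGS = [
    "1698141600.123\t10.0.0.15\t49812\t77.91.124.86\t19084\ttcp",
    "1698141601.456\t10.0.0.15\t49813\t142.250.74.78\t443\ttcp",
    "EventID=13 Image=C:\\Users\\user\\AppData\\Local\\Temp\\sample.exe "
    "TargetObject=HKU\\S-1-5-21-1\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater "
    "Details=C:\\Users\\user\\AppData\\Roaming\\Updater\\Updater.exe",
    "EventID=13 Image=C:\\Windows\\explorer.exe "
    "TargetObject=HKCU\\Software\\Classes\\Local Settings\\MuiCache\\x Details=1",
    "86e702a3bf11baf010d534dcf0b72e7580961f4319c0065638a37016d6f2d200  "
    "C:\\Users\\user\\Downloads\\setup.exe",
]


def parse_kv(line):
    """Parse a flattened key=value record into a dict."""
    return dict(KV_RE.findall(line))


def match_c2(line):
    """Zeek conn.log style: ts, orig_h, orig_p, resp_h, resp_p, proto."""
    parts = line.split("\t")
    if len(parts) < 5:
        return None
    if parts[3] == C2_HOST and parts[4] == str(C2_PORT):
        return {"type": "c2", "src": parts[1], "dst": f"{parts[3]}:{parts[4]}"}
    return None


def match_hash(line):
    """Flag any line carrying one of the report's file hashes."""
    lowered = line.lower()
    for algo, digest in IOC_HASHES.items():
        if digest in lowered:
            return {"type": "hash", "algo": algo, "line": line}
    return None


def match_run_key(line):
    """Sysmon EID 13 where the written value lives under a Run/RunOnce key."""
    ev = parse_kv(line)
    if ev.get("EventID") != "13":
        return None
    target = ev.get("TargetObject", "")
    if RUN_KEY_RE.search(target):
        return {"type": "run_key", "image": ev.get("Image"),
                "value": target, "command": ev.get("Details")}
    return None


def hunt(lines):
    """Run every matcher over every line; return the hits in line order."""
    hits = []
    for line in lines:
        for matcher in (match_c2, match_hash, match_run_key):
            hit = matcher(line)
            if hit:
                hits.append(hit)
    return hits


if __name__ == "__main__":
    for h in hunt(SAMPLE_LOGS):
        print(h)
```

Hash hits are exact; the C2 hit should be time-bounded to the period the sample was active, since a rented VPS address is reused, and the Run-key matcher is deliberately generic (any Run/RunOnce write) so it needs triage against the writing Image and the Details path rather than being treated as a RedLine-specific alert.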