Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e70e6627d0d23b3ef43f8d3d5b4466b08002d3492c4e54c149005deb68f90b34
-
Size
585KB
-
Sample
231029-2cbpnsbd63
-
MD5
5b56d98cd74aa5c75d81ec033c2cefe7
-
SHA1
7ade139a319ad78d3d7f972b5448a002552c8e89
-
SHA256
e70e6627d0d23b3ef43f8d3d5b4466b08002d3492c4e54c149005deb68f90b34
-
SHA512
846f9aabf7cd6e6790d9e5d973cadbbda00060a23d9ae4c91c2dae32307ae12ec04fc336c015713336ac5559864ae7e54295779f8eaab3fb6b4457600cd4b73a
-
SSDEEP
6144:jcxPuxwhQyka515g4YttHQ462jYPp0r2mruh13t4q3bWUoM2oJFSrxpKLj4XygUu:oVuxwTka+ti92kPpeijCUoR7fyXs1ZR
Static task
static1
Behavioral task
behavioral1
Sample
e70e6627d0d23b3ef43f8d3d5b4466b08002d3492c4e54c149005deb68f90b34.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
e70e6627d0d23b3ef43f8d3d5b4466b08002d3492c4e54c149005deb68f90b34.exe
Resource
win10-20231020-en
Malware Config
Targets
-
-
Target
e70e6627d0d23b3ef43f8d3d5b4466b08002d3492c4e54c149005deb68f90b34
-
Size
585KB
-
MD5
5b56d98cd74aa5c75d81ec033c2cefe7
-
SHA1
7ade139a319ad78d3d7f972b5448a002552c8e89
-
SHA256
e70e6627d0d23b3ef43f8d3d5b4466b08002d3492c4e54c149005deb68f90b34
-
SHA512
846f9aabf7cd6e6790d9e5d973cadbbda00060a23d9ae4c91c2dae32307ae12ec04fc336c015713336ac5559864ae7e54295779f8eaab3fb6b4457600cd4b73a
-
SSDEEP
6144:jcxPuxwhQyka515g4YttHQ462jYPp0r2mruh13t4q3bWUoM2oJFSrxpKLj4XygUu:oVuxwTka+ti92kPpeijCUoR7fyXs1ZR
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-