General
- Target: 566423477686c57b22294736bf72fff582d7b0b96459926f7eca3ec710173319
- Size: 1.4MB
- Sample: 231031-1cqcdsea9y
- MD5: aac12e791432ba8723d7cce41c86f2da
- SHA1: d011f21587b8953883b7d29ac3875619396aa85c
- SHA256: abe75a1220aab2d6ccf117f72f21159cc37b36a3112819e026a8193a6cc99a2b
- SHA512: c51fd1f2bbd5e8fdbaef35a5baeff3bea108471c090b23a12f09f38f9b67565ed2c37011c2b75b8545b597813e5c3a1c092d3d6d18356693d817d458892e439b
- SSDEEP: 24576:myfL5CDu9FCRvHOaGMG3koaWo7tLpCGXEkLwgqbwTFs3r:1T5UzlHONMPoanVcGX2gqbwW
Static task: static1
Behavioral task: behavioral1
- Sample: 566423477686c57b22294736bf72fff582d7b0b96459926f7eca3ec710173319.exe
- Resource: win10v2004-20231023-en
Malware Config
Extracted
redline
kinza
77.91.124.86:19084
Targets
- Target: 566423477686c57b22294736bf72fff582d7b0b96459926f7eca3ec710173319
- Size: 1.5MB
- MD5: 10f1fd1abdb61d0d9b6c6825a1b0f4f5
- SHA1: 53bbb16bda921f2136de280de9034ae6e80fab81
- SHA256: 566423477686c57b22294736bf72fff582d7b0b96459926f7eca3ec710173319
- SHA512: 033d08d69ce2073c993600b0ab1fbc84ebabf0e7b733e95f1e1ba475ff679c0d768a84c5ef32a763ef360bd71882252bd33a9b5ec633b864fbd3ac2caf759f8f
- SSDEEP: 24576:1yO8rCrutFCFzjyYMS3ko4WrLa3LB26TP6+LwSq5GTjULga:QtrGfFzjyYMTo4MWbB26ToSq5G
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext