Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
NEAS.94115d0eae0422b6605f0f25841c29b7cc6c029472a983b21d1cedcd7fdcd647.exe
-
Size
1.3MB
-
Sample
231112-vy695saa62
-
MD5
06a6db9acf05fbb473df1c207a7c4124
-
SHA1
05a6cb77200d23c45296b4af0d88006adf9b77be
-
SHA256
94115d0eae0422b6605f0f25841c29b7cc6c029472a983b21d1cedcd7fdcd647
-
SHA512
5724c597e1f5e952305bb77f0dfd26809202e116688a0ea7cf14eeaf55dafee326cc397f23e6748248b1713fa8cde5bb5792a952f4f424f41a9bcdef2fc7a7b3
-
SSDEEP
24576:+yBANvH6jnxXaeBIsfC+GtzGDpqfMvzWayUPM1jrMv3n1fGHhrGlRBX/+iHfb:Ny2xKe6YjGM95LMea1GlnP+A
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.94115d0eae0422b6605f0f25841c29b7cc6c029472a983b21d1cedcd7fdcd647.exe
Resource
win10v2004-20231023-en
Malware Config
Extracted
redline
taiga
5.42.92.51:19057
Targets
-
-
Target
NEAS.94115d0eae0422b6605f0f25841c29b7cc6c029472a983b21d1cedcd7fdcd647.exe
-
Size
1.3MB
-
MD5
06a6db9acf05fbb473df1c207a7c4124
-
SHA1
05a6cb77200d23c45296b4af0d88006adf9b77be
-
SHA256
94115d0eae0422b6605f0f25841c29b7cc6c029472a983b21d1cedcd7fdcd647
-
SHA512
5724c597e1f5e952305bb77f0dfd26809202e116688a0ea7cf14eeaf55dafee326cc397f23e6748248b1713fa8cde5bb5792a952f4f424f41a9bcdef2fc7a7b3
-
SSDEEP
24576:+yBANvH6jnxXaeBIsfC+GtzGDpqfMvzWayUPM1jrMv3n1fGHhrGlRBX/+iHfb:Ny2xKe6YjGM95LMea1GlnP+A
Score10/10-
Detect Mystic stealer payload
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Executes dropped EXE
-
Adds Run key to start application
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-