Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    157s
  • platform
    windows10-1703_x64
  • resource
    win10-20231020-en
  • resource tags

    arch:x64arch:x86image:win10-20231020-enlocale:en-usos:windows10-1703-x64system
  • submitted
    12/11/2023, 20:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ee199660ff1cc18bd01a9a3d2e8c6e4d7171c87f3e743eca19f91f8618325ec5.exe

  • Size

    399KB

  • MD5

    5bb3a52388991d9e1d912467f718bfab

  • SHA1

    7ef571f38a95069ec735d610d254b5e567abea2b

  • SHA256

    ee199660ff1cc18bd01a9a3d2e8c6e4d7171c87f3e743eca19f91f8618325ec5

  • SHA512

    e3f5e1de2552a40a27052a45647cae3fa139831fdc45a763acda897de3008f5827f7aa00977a8d592920892afd594e62edfb17b6acd55b5c73714782d764a6de

  • SSDEEP

    12288:Ap/1mecEqw3osbmioJKNVyWadJXltZaTXsnE:ANcAXyioJKNVyWadJXltZaTXsE

Score
10/10
redlineinfostealer

Malware Config

Signatures

  • RedLine

    RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    infostealerredline
  • RedLine payload 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ee199660ff1cc18bd01a9a3d2e8c6e4d7171c87f3e743eca19f91f8618325ec5.exe
    "C:\Users\Admin\AppData\Local\Temp\ee199660ff1cc18bd01a9a3d2e8c6e4d7171c87f3e743eca19f91f8618325ec5.exe"
    1⤵
      PID:4404

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4404-0-0x00000000006E0000-0x000000000073A000-memory.dmp

      Filesize

      360KB

      Download

    • memory/4404-4-0x0000000000400000-0x0000000000467000-memory.dmp

      Filesize

      412KB

      Download

    • memory/4404-5-0x0000000073E10000-0x00000000744FE000-memory.dmp

      Filesize

      6.9MB

      Download

    • memory/4404-6-0x0000000006FF0000-0x00000000074EE000-memory.dmp

      Filesize

      5.0MB

      Download

    • memory/4404-7-0x00000000074F0000-0x0000000007582000-memory.dmp

      Filesize

      584KB

      Download

    • memory/4404-8-0x00000000076D0000-0x00000000076E0000-memory.dmp

      Filesize

      64KB

      Download

    • memory/4404-9-0x00000000076B0000-0x00000000076BA000-memory.dmp

      Filesize

      40KB

      Download

    • memory/4404-10-0x0000000007AA0000-0x00000000080A6000-memory.dmp

      Filesize

      6.0MB

      Download

    • memory/4404-11-0x0000000007770000-0x0000000007782000-memory.dmp

      Filesize

      72KB

      Download

    • memory/4404-12-0x0000000007840000-0x000000000794A000-memory.dmp

      Filesize

      1.0MB

      Download

    • memory/4404-13-0x00000000077C0000-0x00000000077FE000-memory.dmp

      Filesize

      248KB

      Download

    • memory/4404-14-0x0000000007950000-0x000000000799B000-memory.dmp

      Filesize

      300KB

      Download

    • memory/4404-15-0x0000000073E10000-0x00000000744FE000-memory.dmp

      Filesize

      6.9MB

      Download

    • memory/4404-16-0x00000000076D0000-0x00000000076E0000-memory.dmp

      Filesize

      64KB

      Download