Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
149s -
max time network
157s -
platform
windows10-1703_x64 -
resource
win10-20231020-en -
resource tags
arch:x64arch:x86image:win10-20231020-enlocale:en-usos:windows10-1703-x64system -
submitted
12/11/2023, 20:18
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
ee199660ff1cc18bd01a9a3d2e8c6e4d7171c87f3e743eca19f91f8618325ec5.exe
Resource
win10-20231020-en
2 signatures
150 seconds
General
-
Target
ee199660ff1cc18bd01a9a3d2e8c6e4d7171c87f3e743eca19f91f8618325ec5.exe
-
Size
399KB
-
MD5
5bb3a52388991d9e1d912467f718bfab
-
SHA1
7ef571f38a95069ec735d610d254b5e567abea2b
-
SHA256
ee199660ff1cc18bd01a9a3d2e8c6e4d7171c87f3e743eca19f91f8618325ec5
-
SHA512
e3f5e1de2552a40a27052a45647cae3fa139831fdc45a763acda897de3008f5827f7aa00977a8d592920892afd594e62edfb17b6acd55b5c73714782d764a6de
-
SSDEEP
12288:Ap/1mecEqw3osbmioJKNVyWadJXltZaTXsnE:ANcAXyioJKNVyWadJXltZaTXsE
Score
10/10
Malware Config
Signatures
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload 2 IoCs
resource yara_rule behavioral1/memory/4404-0-0x00000000006E0000-0x000000000073A000-memory.dmp family_redline behavioral1/memory/4404-4-0x0000000000400000-0x0000000000467000-memory.dmp family_redline