Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
NEAS.fe6aa6b62ec619150b2b02d0bbf412d0.exe
-
Size
311KB
-
Sample
231115-e45eqscb63
-
MD5
fe6aa6b62ec619150b2b02d0bbf412d0
-
SHA1
00c9387661e70c14a9864bf924a4a337b8659494
-
SHA256
e93e1bc916a1c530997476aa46c20e09954403519d49063aecb3bd7cf1b3d015
-
SHA512
c87a62455255f33711ebfd782da86ebe767569a78e1fc27d26b56561e2a24f50c9a2e4323284603a6446d706f2eecd227503e0ff6d2fce2887a81b348c2ae440
-
SSDEEP
3072:zjlomiD4ecS37wnKHZtRjHAUUpP+/JNYnr9gg24Fic0STdy9KPr7gkCWaHR+i6Z/:P3AE2wKDWneR2H0STdqIGjbc
Static task
static1
Behavioral task
behavioral1
Sample
NEAS.fe6aa6b62ec619150b2b02d0bbf412d0.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
NEAS.fe6aa6b62ec619150b2b02d0bbf412d0.exe
Resource
win10v2004-20231025-en
Malware Config
Extracted
redline
taiga
5.42.92.51:19057
Targets
-
-
Target
NEAS.fe6aa6b62ec619150b2b02d0bbf412d0.exe
-
Size
311KB
-
MD5
fe6aa6b62ec619150b2b02d0bbf412d0
-
SHA1
00c9387661e70c14a9864bf924a4a337b8659494
-
SHA256
e93e1bc916a1c530997476aa46c20e09954403519d49063aecb3bd7cf1b3d015
-
SHA512
c87a62455255f33711ebfd782da86ebe767569a78e1fc27d26b56561e2a24f50c9a2e4323284603a6446d706f2eecd227503e0ff6d2fce2887a81b348c2ae440
-
SSDEEP
3072:zjlomiD4ecS37wnKHZtRjHAUUpP+/JNYnr9gg24Fic0STdy9KPr7gkCWaHR+i6Z/:P3AE2wKDWneR2H0STdqIGjbc
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-