General
Target: NEAS.aba938426c40ea93bca80f2a13794310.exe
Size: 892KB
Sample: 231116-lkz48shf39
MD5: aba938426c40ea93bca80f2a13794310
SHA1: 67c643ea37da472e5fc13f9f14623ef47b8b8731
SHA256: f6bc805c77007a0e0144b4ce4786cf4be2084e23699b1f780f16cb4780d608a1
SHA512: c523d4b752c57acb7a7d26e7ebcb4c08b4f02f46115c81a5119297e9c91b104df3c1e7084aa0682c0ec4467d078d80225288ade4f2a8799e16bffa6fa48d084f
SSDEEP: 24576:NyAW7oMBruWYbZ89PGxGuPHzrfRo3UzHEh0Rx2dQ6LBxoW9X:oAooMB1qWGxGYr/TEmj2TcW
Static task: static1
Behavioral task: behavioral1
Sample: NEAS.aba938426c40ea93bca80f2a13794310.exe
Resource: win10v2004-20231020-en
Malware Config
Extracted
redline
taiga
5.42.92.51:19057
Targets
Target: NEAS.aba938426c40ea93bca80f2a13794310.exe
Score: 10/10
Detect Mystic stealer payload
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Executes dropped EXE
Adds Run key to start application
Suspicious use of SetThreadContext