General
- Target: file
- Size: 1.1MB
- Sample: 231116-skjktacf39
- MD5: f1269255ba88a71955f1ccc2d4576629
- SHA1: c13a7009925d564d57d0386386df162287529f50
- SHA256: 7fe58a57ec935872f4c4d04330cd28bed9ad7838ab7f06722505c04c72eab0a1
- SHA512: 81d893205522e2e338aefe341bc5e38201cb2a6b2085e9ff28d2b70b0060975a5e1fca21cea397be11794402ab1e477c181c0d067d377a0fcbe220e61c89fd46
- SSDEEP: 24576:gYzarSx8Xfg+g+tHNbGaqn4/VzSCwU7iG+xFa:gKx8Xfg+g+tHV/H7iGCFa

Tasks
- Static task: static1
- Behavioral task: behavioral1 (Sample: file.exe, Resource: win7-20231023-en)
- Behavioral task: behavioral2 (Sample: file.exe, Resource: win10v2004-20231023-en)

Malware Config
- Extracted: redline
- LogsDiller Cloud (Telegram: @logsdillabot)
- 194.49.94.142:41292
Targets
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext