General

Target: b882d2fa75dd429d2366009bbe68c3bf3910cc54bce8a1b6e3ec56f8cae11775.exe
Size: 1.4MB
Sample: 231127-t548pahh63
MD5: 45cee4ec3643349ffdf7395f7b4a5b3f
SHA1: 26774d3f71bb03f94588b04e9bd8926fc87c6653
SHA256: b882d2fa75dd429d2366009bbe68c3bf3910cc54bce8a1b6e3ec56f8cae11775
SHA512: eac80cdb3cb0371bd429e7a672257d7015ff7ab70f4d6c56ac4ba8abbe3d6e931441389b031220f8c7fcb2decdf8042f76969442c2e7f2d5d2e5f68e8124a08b
SSDEEP: 24576:n5hGigbZWG8Srp651ZFL3XVTLcx9+WrCkF2gNCs46sL3f:n0SYP+cRF2gNlsD
Static task: static1

Behavioral task: behavioral1
Sample: b882d2fa75dd429d2366009bbe68c3bf3910cc54bce8a1b6e3ec56f8cae11775.exe
Resource: win7-20231023-en

Behavioral task: behavioral2
Sample: b882d2fa75dd429d2366009bbe68c3bf3910cc54bce8a1b6e3ec56f8cae11775.exe
Resource: win10v2004-20231023-en
Malware Config

Targets

Target: b882d2fa75dd429d2366009bbe68c3bf3910cc54bce8a1b6e3ec56f8cae11775.exe
Size, MD5, SHA1, SHA256, SHA512 and SSDEEP: identical to the values listed under General above
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Suspicious use of NtCreateUserProcessOtherParentProcess (a child process created through NtCreateUserProcess with a parent other than the calling process, i.e. parent PID spoofing)
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
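As an added example (not part of the tria.ge report and not its signature engine), the Python below sketches how the behavioural signatures listed above can be derived from a sandbox event trace: files written by the sample's process tree are remembered so that later executions and image loads of those paths trigger the "dropped EXE/DLL" rules, a process whose actual creator differs from its recorded parent triggers the parent-spoofing rule, and registry opens of the Uninstall key and reads of wallet storage paths trigger the remaining two. The event records, PIDs, file paths and the wallet-path marker list are constructed for illustration; the report does not disclose which paths this sample actually touched.

```python
"""Toy behavioural-signature matcher over a constructed sandbox event trace.

Added illustration only: not tria.ge's rule engine, and the events below are
invented for the example (the report does not disclose the sample's actual
file paths or process IDs).
"""
import re

# Substrings of well-known wallet storage paths (lower-case, Windows separators).
# Assumed list for this example; the report only says wallet files were accessed.
WALLET_PATH_MARKERS = (
    "\\appdata\\roaming\\exodus\\",
    "\\appdata\\roaming\\electrum\\wallets",
    "\\appdata\\roaming\\atomic\\",
    "\\appdata\\roaming\\ethereum\\keystore",
)

# Uninstall key under HKLM or HKCU, with or without WOW6432Node redirection.
UNINSTALL_KEY_RE = re.compile(
    r"\\software\\(wow6432node\\)?microsoft\\windows\\currentversion\\uninstall(\\|$)",
    re.IGNORECASE,
)

SIG_PPID = "Suspicious use of NtCreateUserProcessOtherParentProcess"
SIG_DROP_EXE = "Executes dropped EXE"
SIG_DROP_DLL = "Loads dropped DLL"
SIG_WALLET = "Accesses cryptocurrency files/wallets, possible credential harvesting"
SIG_UNINSTALL = "Checks installed software on the system"


def match_signatures(events, sample_pid):
    """Return the set of signature names triggered by the sample's process tree."""
    hits = set()
    dropped = set()            # lower-cased paths written by the sample's tree
    tracked = {sample_pid}     # PIDs that belong to the sample's process tree
    for ev in events:
        kind = ev["type"]
        if kind == "process_create":
            # Attribute the child to the tree via either the recorded parent
            # or the actual creator, so a spoofed parent cannot hide it.
            if ev["ppid"] in tracked or ev["creator_pid"] in tracked:
                tracked.add(ev["pid"])
            else:
                continue
            # NtCreateUserProcess with an explicit parent handle leaves the
            # recorded parent different from the process that made the call.
            if ev["creator_pid"] in tracked and ev["creator_pid"] != ev["ppid"]:
                hits.add(SIG_PPID)
            if ev["image"].lower() in dropped:
                hits.add(SIG_DROP_EXE)
            continue
        if ev["pid"] not in tracked:
            continue                # not the sample's activity
        if kind == "file_write":
            dropped.add(ev["path"].lower())
        elif kind == "image_load":
            path = ev["path"].lower()
            if path in dropped and path.endswith(".dll"):
                hits.add(SIG_DROP_DLL)
        elif kind == "reg_open":
            if UNINSTALL_KEY_RE.search(ev["key"]):
                hits.add(SIG_UNINSTALL)
        elif kind == "file_read":
            path = ev["path"].lower()
            if any(marker in path for marker in WALLET_PATH_MARKERS):
                hits.add(SIG_WALLET)
    return hits


# Constructed trace: PIDs and paths are invented for this example.
SAMPLE_PID = 1500
EVENTS = [
    {"type": "file_write", "pid": 1500, "path": r"C:\Users\Admin\AppData\Local\Temp\stage2.exe"},
    {"type": "file_write", "pid": 1500, "path": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    # Child started by the sample, but with explorer.exe (PID 2400) as recorded parent.
    {"type": "process_create", "pid": 1608, "ppid": 2400, "creator_pid": 1500,
     "image": r"C:\Users\Admin\AppData\Local\Temp\stage2.exe"},
    {"type": "image_load", "pid": 1608, "path": r"C:\Users\Admin\AppData\Local\Temp\helper.dll"},
    {"type": "reg_open", "pid": 1608, "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"type": "reg_open", "pid": 1608, "key": r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"},
    {"type": "file_read", "pid": 1608, "path": r"C:\Users\Admin\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"type": "file_read", "pid": 1608, "path": r"C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles.ini"},
    # Unrelated process touching the same key: must not be attributed to the sample.
    {"type": "reg_open", "pid": 900, "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip"},
]

if __name__ == "__main__":
    for sig in sorted(match_signatures(EVENTS, SAMPLE_PID)):
        print(sig)
```

The matcher keys everything on process-tree membership: activity from a PID outside the tree is ignored even when it hits an otherwise matching key, and the tree is extended through the real creator PID as well as the recorded parent, because a spoofed parent would otherwise detach the child and silence the dropped-file rules. The "RedLine payload" signature is a content match rather than a behavioural one and is not modelled here.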