General
Target: 03d2f72080a0ea3481802a20a4ffdf73.bin
Size: 931KB
Sample: 231212-bc36tadec3
MD5: 03d2f72080a0ea3481802a20a4ffdf73
SHA1: 9acb31e5216f4baafc1ee23c2a8e76a199e7f5d6
SHA256: d3423d506c9ccc5f5ec5b4acf13716c4387cdc2d61f34b6a6e47dce65b2c9f2a
SHA512: db8ccfbd645e5d18935bb12fc57bd790f9e2ba05504f89f6fc97e90f1533ff42f5e11e2be552ea9fb8d7493daeedddd9547108ca41146bf5e7269e67931efdd2
SSDEEP: 12288:Qo3KQe7S/+322Ghabdq399BObcCiZFU6d5WDAWHKVbnIGWBuhNy3xXJsMB:9KO/+3HGhabdO9pe6f8/SMPLBX+MB
Static task: static1
Behavioral task: behavioral1, sample 03d2f72080a0ea3481802a20a4ffdf73.exe, resource win7-20231023-en
Behavioral task: behavioral2, sample 03d2f72080a0ea3481802a20a4ffdf73.exe, resource win10v2004-20231127-en
Malware Config
Extracted: smokeloader (version 2022), C2 http://81.19.131.34/fks/index.php
Extracted: redline (botnet LiveTraffic), C2 77.105.132.87:17066
Extracted: smokeloader (botnet up3)
Extracted: redline (botnet @oleh_ps), C2 176.123.7.190:32927
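The extracted configs above give three network indicators worth hunting for: the SmokeLoader HTTP C2 URL and the two RedLine host:port endpoints. The script below is an added example, not part of the tria.ge report, showing how a responder would normalise those C2 strings and match them against egress logs. The log lines are constructed for the example and use an assumed "timestamp src dst:port method url" format; the distinction between an "exact" hit (IP, port and path all match) and an "ip-only" hit (same C2 host, different port or path) is the example's own design choice, made because C2 hosts are commonly reused with other ports and paths.

```python
from __future__ import annotations

import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# C2 endpoints exactly as listed in this report's "Malware Config" section.
REPORT_C2 = {
    "smokeloader": ["http://81.19.131.34/fks/index.php"],
    "redline": ["77.105.132.87:17066", "176.123.7.190:32927"],
}


@dataclass(frozen=True)
class Indicator:
    family: str
    host: str
    port: int
    path: str | None  # None for bare host:port C2s (the RedLine entries)


def parse_c2(family: str, value: str) -> Indicator:
    """Normalise a C2 string (full URL or host:port) into an Indicator."""
    if "://" in value:
        u = urlsplit(value)
        port = u.port or {"http": 80, "https": 443}[u.scheme]
        return Indicator(family, u.hostname, port, u.path or "/")
    host, _, port = value.rpartition(":")
    return Indicator(family, host, int(port), None)


INDICATORS = [parse_c2(fam, v) for fam, vals in REPORT_C2.items() for v in vals]

# Constructed log lines for the example (not from the sandbox run). Assumed
# format: "<timestamp> <src_ip> <dst_ip>:<dst_port> <method|TCP> <url|->".
SAMPLE_LOG = """\
2023-12-12T10:01:03Z 10.0.0.21 81.19.131.34:80 POST http://81.19.131.34/fks/index.php
2023-12-12T10:01:09Z 10.0.0.21 77.105.132.87:17066 TCP -
2023-12-12T10:02:44Z 10.0.0.35 176.123.7.190:443 TCP -
2023-12-12T10:03:10Z 10.0.0.21 203.0.113.10:443 GET https://example.net/
2023-12-12T10:04:00Z 10.0.0.40 81.19.131.34:80 GET http://81.19.131.34/robots.txt
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+):(\d+) (\S+) (\S+)$")


def classify(dst: str, port: int, url: str) -> tuple[str, str] | None:
    """Return (family, confidence) for one connection, or None if it hits nothing.

    "exact": IP, port and (for URL C2s) path all match the extracted config.
    "ip-only": the destination is a known C2 host but port or path differ;
    still worth triage because C2 infrastructure is often reused, but weaker.
    """
    path = urlsplit(url).path if url != "-" else None
    same_host = [i for i in INDICATORS if i.host == dst]
    if not same_host:
        return None
    for ind in same_host:
        if ind.port == port and (ind.path is None or ind.path == path):
            return ind.family, "exact"
    return same_host[0].family, "ip-only"


def hunt(log_text: str = SAMPLE_LOG) -> list[dict]:
    """Run every log line through classify() and collect the hits."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the assumed format
        ts, src, dst, port, _method, url = m.groups()
        verdict = classify(dst, int(port), url)
        if verdict is not None:
            family, confidence = verdict
            hits.append({"ts": ts, "src": src, "dst": f"{dst}:{port}",
                         "family": family, "confidence": confidence})
    return hits


if __name__ == "__main__":
    for hit in hunt():
        print(hit)
```

Running it against the constructed log yields four hits: two exact (the SmokeLoader POST to /fks/index.php and the RedLine connection to 77.105.132.87:17066) and two ip-only (176.123.7.190 on port 443 and a GET for /robots.txt on the SmokeLoader host). The benign 203.0.113.10 line produces nothing. In a real hunt, the ip-only hits are the ones to pivot on with passive DNS and flow data before dismissing them.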
Targets
Target: 03d2f72080a0ea3481802a20a4ffdf73.bin (931KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Downloads MZ/PE file
- Executes dropped EXE
- Suspicious use of SetThreadContext
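The "Suspicious use of SetThreadContext" signature, combined with "Downloads MZ/PE file" and "Executes dropped EXE", is the footprint a loader leaves when it hollows a suspended child process and redirects its main thread into an injected payload. The report itself does not state that this is what happened here; the following is an added example, not tria.ge's own detection logic or event format, showing how such a signature can be implemented over a simplified, constructed API trace. The event tuple layout (caller pid, API name, target pid, detail string) and the stage sequence used for the hollowing chain are assumptions of the example. It also shows why the standalone SetThreadContext signal is only "suspicious": debuggers and some protectors call it on their own threads legitimately, so the example ignores self-targeted calls and only escalates to a confident verdict when the full chain completes.

```python
from collections import defaultdict

# Constructed API-trace events in a simplified format assumed for this example
# (not tria.ge's own event format). Each tuple is
# (caller_pid, api, target_pid, detail); target_pid is the process the handle
# refers to, and equals caller_pid for calls on the caller itself.
TRACE = [
    (1200, "CreateProcessW", 1300, "CREATE_SUSPENDED"),
    (1200, "NtUnmapViewOfSection", 1300, "0x400000"),
    (1200, "WriteProcessMemory", 1300, "0x400000"),
    (1200, "SetThreadContext", 1300, "Eax=0x401000"),
    (1200, "ResumeThread", 1300, ""),
    # An ordinary parent launching a child (not suspended) and writing to it:
    (1500, "CreateProcessW", 1600, ""),
    (1500, "WriteProcessMemory", 1600, "0x7ff600000000"),
    # Debugger-style SetThreadContext on the caller's own thread:
    (1700, "SetThreadContext", 1700, "Dr0=0x401000"),
]

# Stages, in order, of the classic hollowing sequence:
# create suspended -> overwrite image -> redirect entry point -> resume.
STAGES = ("CreateProcessW", "WriteProcessMemory", "SetThreadContext", "ResumeThread")


def detect_hollowing(trace):
    """Return findings for remote SetThreadContext use and complete hollowing chains.

    Calls between the stages (NtUnmapViewOfSection, VirtualAllocEx, ...) are
    ignored so that variations of the technique still complete the chain.
    """
    progress = defaultdict(int)  # (caller, target) -> index of next expected stage
    findings = []
    for caller, api, target, detail in trace:
        if caller == target:
            continue  # self-targeted calls are not what this signature is about
        key = (caller, target)
        if api == "SetThreadContext":
            # Weak, standalone signal: redirecting a thread in another process.
            findings.append({"rule": "remote SetThreadContext",
                             "caller": caller, "target": target})
        idx = progress[key]
        if idx < len(STAGES) and api == STAGES[idx]:
            if api == "CreateProcessW" and "CREATE_SUSPENDED" not in detail:
                continue  # the chain only starts from a suspended child
            progress[key] = idx + 1
            if idx + 1 == len(STAGES):
                findings.append({"rule": "process hollowing chain",
                                 "caller": caller, "target": target})
    return findings


if __name__ == "__main__":
    for finding in detect_hollowing(TRACE):
        print(finding)
```

On the constructed trace the function reports two findings for the 1200 to 1300 pair (the weak remote SetThreadContext signal, then the complete hollowing chain once ResumeThread fires), nothing for the non-suspended child launch by 1500, and nothing for the self-targeted call by 1700. Cutting the trace before ResumeThread leaves only the weak signal, which is the situation the sandbox signature name describes.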