General
Target: 1e77d802493fdc0dbe069b24d16af26b
Size: 2.3MB
Sample: 231225-pphyasbgfj
MD5: 1e77d802493fdc0dbe069b24d16af26b
SHA1: 13dcdf0a5c135865f5154f7b6a7afdcbd44e18c7
SHA256: 019960c087dbaca50dd404d594ba2735b146ed708b01de3290442872f6ec8fab
SHA512: ad17a897988717e4fa11bc263d7a7a02ba93b02db5e260c2306353bd77e15086d34f1a92d83f2a42cf7d8ec603f1b4147714e6df03597c9e4001ca03168ec9fc
SSDEEP: 49152:M5+hFOYoKNA2AFktKu0+lVUkXFQ92sI9RzQNlWscseCxxiz8lVHTIioOFZQ+n:M5aFOWNA7ktZ7UkXK9dAuNlHc58xiqZr
Static task: static1
Behavioral task: behavioral1
Sample: 1e77d802493fdc0dbe069b24d16af26b.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 1e77d802493fdc0dbe069b24d16af26b.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
redline
@Lolajetyk
45.14.49.109:21295
Targets
Target: 1e77d802493fdc0dbe069b24d16af26b
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

RedLine payload

SectopRAT payload

Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.

Executes dropped EXE

Loads dropped DLL