General
Target: file.exe
Size: 391KB
Sample: 240114-qv8lksbaek
MD5: bf175f02a728e76878446f06f6b04911
SHA1: d4eecbd44b7bf8dfaa997a3c5f604df93d80b814
SHA256: 27069136cd35a1979a1fe20a06e551c91e2bce6fd526951a00274de902dbf26a
SHA512: 083c4678c5c138844236faf8a3cd9112922304e4c84528953d0e429062c60df60850102ae1a9c9f976c64f4bdf516c07507789fbda121d345ae1e963c23f45ce
SSDEEP: 6144:Tx5oUufZIwDx6lEcNkM2+3dK0FUoOOMKstoiE9kTXTOcpYGsbjTCUmS:TEZDxwkD+3rvTMKstoncpYr/
Static task: static1
Behavioral task: behavioral1 (sample file.exe, resource win7-20231215-en)
Behavioral task: behavioral2 (sample file.exe, resource win10v2004-20231215-en)
Malware Config
Extracted family: redline
Botnet / campaign ID: LogsDiller Cloud (Telegram: @logsdillabot)
C2: 195.20.16.168:34926
Targets
file.exe (391KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node and HKCU counterparts) to enumerate the software present on the host.
- Suspicious use of SetThreadContext: an API that rewrites the register state of another process's thread, commonly used to redirect a suspended thread into injected code (process hollowing and similar injection techniques).
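The two behavioural signatures above (Uninstall-key enumeration and SetThreadContext use) can be expressed as detection logic over an API-call trace. The block below is an added example written for this page, not tria.ge's own signature code and not output from this analysis: the trace, its "pid<TAB>api<TAB>key=value" format, the PIDs, paths, sizes and the placeholder target process are all constructed. It assumes the SetThreadContext call is part of the classic hollowing sequence (create suspended, write memory, set thread context, resume), which the report does not state explicitly; the generic enumeration detector also fires on the WOW6432Node and HKCU variants of the Uninstall key, going slightly beyond the single path quoted in the signature.

```python
import re
from collections import defaultdict

# Constructed API-call trace (not tria.ge output). PIDs, paths and sizes are
# invented; "host.exe" is a placeholder for whatever process gets hollowed.
TRACE = """\
4012\tCreateProcessW\tpath=C:\\tmp\\host.exe flags=0x4 newpid=4120
4012\tVirtualAllocEx\tpid=4120 size=0x61000
4012\tWriteProcessMemory\tpid=4120 size=0x61000
4012\tSetThreadContext\tpid=4120 tid=4124
4012\tResumeThread\tpid=4120 tid=4124
4120\tRegOpenKeyExW\tpath=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall
4120\tRegEnumKeyExW\tpath=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall index=0
4120\tRegOpenKeyExW\tpath=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AppA
4120\tRegQueryValueExW\tpath=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AppA\\DisplayName
4120\tRegOpenKeyExW\tpath=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AppB
4120\tRegQueryValueExW\tpath=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AppB\\DisplayName
4120\tRegOpenKeyExW\tpath=HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AppC
4120\tRegQueryValueExW\tpath=HKLM\\SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AppC\\DisplayName
2200\tRegOpenKeyExW\tpath=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AppA
2200\tRegQueryValueExW\tpath=HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\AppA\\DisplayName
"""

KV_RE = re.compile(r'(\w+)=(\S+)')
# Captures the subkey name directly under any ...\CurrentVersion\Uninstall key
# (HKLM, HKCU and WOW6432Node all share this suffix).
UNINSTALL_SUBKEY_RE = re.compile(
    r'\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\([^\\\s]+)', re.IGNORECASE)
CREATE_SUSPENDED = 0x4
# Steps that must follow a suspended CreateProcess, in order, against the same child.
HOLLOW_STEPS = ('WriteProcessMemory', 'SetThreadContext', 'ResumeThread')


def parse_trace(text):
    """Turn the constructed trace into (pid, api, {key: value}) tuples."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        pid, api, args = line.split('\t', 2)
        events.append((int(pid), api, dict(KV_RE.findall(args))))
    return events


def detect_hollowing(events):
    """Return [(parent_pid, child_pid)] for every child that was created suspended
    and then received WriteProcessMemory, SetThreadContext and ResumeThread from
    the same parent in that order. Unrelated calls in between are ignored."""
    progress = {}  # (parent, child) -> index of the next expected step
    hits = []
    for pid, api, kv in events:
        if api.startswith('CreateProcess') and int(kv.get('flags', '0'), 16) & CREATE_SUSPENDED:
            progress[(pid, int(kv['newpid']))] = 0
            continue
        if 'pid' not in kv:
            continue
        key = (pid, int(kv['pid']))
        step = progress.get(key)
        if step is None or step >= len(HOLLOW_STEPS) or api != HOLLOW_STEPS[step]:
            continue
        progress[key] = step + 1
        if step + 1 == len(HOLLOW_STEPS):
            hits.append(key)
    return hits


def uninstall_enumeration(events, threshold=3):
    """Map pid -> sorted distinct Uninstall subkeys for processes that touch at
    least `threshold` entries. Reading one entry is normal for an installer or
    updater; walking many is the inventory behaviour the signature describes."""
    seen = defaultdict(set)
    for pid, api, kv in events:
        if not api.startswith('Reg'):
            continue
        m = UNINSTALL_SUBKEY_RE.search(kv.get('path', ''))
        if m:
            seen[pid].add(m.group(1))
    return {pid: sorted(keys) for pid, keys in seen.items() if len(keys) >= threshold}


if __name__ == '__main__':
    ev = parse_trace(TRACE)
    print('process hollowing pattern:', detect_hollowing(ev))
    print('uninstall-key enumeration:', uninstall_enumeration(ev))
```

On the constructed trace, PID 4012 is reported for hollowing PID 4120, and PID 4120 is reported for enumerating three Uninstall entries, while PID 2200, which reads a single entry, stays below the threshold. The threshold and the step list are the knobs a practitioner would tune against real sandbox or EDR traces.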