General
Target: 1aaf4b8d96ab060b1f8a1cf8a7092e0f57c03cd90904e8ad0f04915cef8f1f4b
Size: 604KB
Sample: 240417-rap46sag87
MD5: 4c598e8a8ed637da4570dde7724fcaa8
SHA1: 7ab3895d4519bb755057c99734b608aecf299c87
SHA256: 1aaf4b8d96ab060b1f8a1cf8a7092e0f57c03cd90904e8ad0f04915cef8f1f4b
SHA512: 2a31a0f84ddf89800223070797fbbdcb4e20da4c1fb89debdf46cbbc9c79eaa7513674aedb9a22a2e2b3435555e1a0b8174db2a9cc62b995322db945757298ac
SSDEEP: 12288:xG3OoL1L+Z9eAl7WlbvyLk+IMAEpsC39hYcZdo+CyTjBD3:toLdAgBZsAEJ39hh3CC3
Behavioral task: behavioral1
Sample: c8f89ba3b896c3422f97f8fdcb91a19af3fe8beea8af76a5a2298556c4137c11.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: c8f89ba3b896c3422f97f8fdcb91a19af3fe8beea8af76a5a2298556c4137c11.exe
Resource: win10v2004-20240412-en
Malware Config
Targets
Target: c8f89ba3b896c3422f97f8fdcb91a19af3fe8beea8af76a5a2298556c4137c11.exe
Size: 707KB
MD5: c920a8fc975ab6f609a3e20a1f23e43d
SHA1: 4c7f42446ebdf228963b974c510e63147c2ad25d
SHA256: c8f89ba3b896c3422f97f8fdcb91a19af3fe8beea8af76a5a2298556c4137c11
SHA512: 6322121341a623706dc5d9d905d4d446247d8123530c18346f484732ed00eb17472f73645ee59bf6319ac5e3b6a20cc6e7c55ba4e24d79612539f8793a80e5d4
SSDEEP: 12288:ewq1od3iYcPbkbftLgBjJj3MUZE+7+wEExPw8M2QlOG0jJAI8XjrYdLjaPh:qbGf+IUyaiEe12U0jWB3kmPh
Note: the submitted file under General (604KB, SHA256 1aaf4b8d...) is not the executable that was run. Both behavioral tasks ran the 707KB c8f89ba3...exe listed here, so these are the hashes to use when tracking the binary itself.
Signatures
- Detect ZGRat V1
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry (the per-product subkeys under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, and their WOW6432Node and HKCU counterparts) to enumerate software on the system.
- Suspicious use of SetThreadContext
  SetThreadContext called on a thread of another process is a standard building block of process hollowing and similar injection, so the payload may execute under a different process than the dropped executable.
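Reports in this layout are easiest to consume once the label/value pairs are turned into records and cross-checked, which is what the following script does. It is an added example, not code from the original page or from tria.ge: the input is a constructed copy of this report's overview (signature descriptions and the second behavioral task are left out to keep it short), and the section names, label set and finding strings are the example's own assumptions. It parses the overview into target, task and signature records, validates each hash and the SSDEEP string by shape, and flags the fact that the submitted file and the analysed executable are different objects.

```python
import re

SECTIONS = {"General", "Malware Config", "Targets"}
LABELS = {"Target", "Size", "Sample", "Resource", "MD5", "SHA1", "SHA256", "SHA512", "SSDEEP"}
HASH_LEN = {"MD5": 32, "SHA1": 40, "SHA256": 64, "SHA512": 128}

# Constructed input: this report's overview as laid out on the page (label, then value,
# on alternate lines; "-" bullets are tolerated and dropped). Signature descriptions
# are omitted so that every unlabelled line after the records is a signature name.
OVERVIEW = """\
General
Target
1aaf4b8d96ab060b1f8a1cf8a7092e0f57c03cd90904e8ad0f04915cef8f1f4b
Size
604KB
Sample
240417-rap46sag87
MD5
4c598e8a8ed637da4570dde7724fcaa8
SHA1
7ab3895d4519bb755057c99734b608aecf299c87
SHA256
1aaf4b8d96ab060b1f8a1cf8a7092e0f57c03cd90904e8ad0f04915cef8f1f4b
SHA512
2a31a0f84ddf89800223070797fbbdcb4e20da4c1fb89debdf46cbbc9c79eaa7513674aedb9a22a2e2b3435555e1a0b8174db2a9cc62b995322db945757298ac
SSDEEP
12288:xG3OoL1L+Z9eAl7WlbvyLk+IMAEpsC39hYcZdo+CyTjBD3:toLdAgBZsAEJ39hh3CC3
Behavioral task
behavioral1
Sample
c8f89ba3b896c3422f97f8fdcb91a19af3fe8beea8af76a5a2298556c4137c11.exe
Resource
win7-20240221-en
Malware Config
Targets
Target
c8f89ba3b896c3422f97f8fdcb91a19af3fe8beea8af76a5a2298556c4137c11.exe
Size
707KB
MD5
c920a8fc975ab6f609a3e20a1f23e43d
SHA1
4c7f42446ebdf228963b974c510e63147c2ad25d
SHA256
c8f89ba3b896c3422f97f8fdcb91a19af3fe8beea8af76a5a2298556c4137c11
SHA512
6322121341a623706dc5d9d905d4d446247d8123530c18346f484732ed00eb17472f73645ee59bf6319ac5e3b6a20cc6e7c55ba4e24d79612539f8793a80e5d4
SSDEEP
12288:ewq1od3iYcPbkbftLgBjJj3MUZE+7+wEExPw8M2QlOG0jJAI8XjrYdLjaPh:qbGf+IUyaiEe12U0jWB3kmPh
Detect ZGRat V1
RedLine
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Suspicious use of SetThreadContext
"""


def parse_overview(text):
    """Parse the overview into {"targets": [...], "tasks": [...], "signatures": [...]}."""
    lines = [s for s in (ln.strip() for ln in text.splitlines()) if s and s != "-"]
    report = {"targets": [], "tasks": [], "signatures": []}
    current = None  # record that receives the next label/value pair
    i = 0
    while i < len(lines):
        line = lines[i]
        if line in SECTIONS:
            current = None
            i += 1
        elif line == "Behavioral task" or line in LABELS:
            if line == "Behavioral task":
                report["tasks"].append((current := {}))
            elif line == "Target":
                report["targets"].append((current := {}))
            if current is None:
                raise ValueError(f"label {line!r} outside any record")
            current[line.lower().replace(" ", "_")] = lines[i + 1]
            i += 2
        else:  # anything unlabelled after the records is a signature name
            report["signatures"].append(line)
            i += 1
    return report


def validate_target(t):
    """Return the problems found in one target record (empty list means consistent)."""
    problems = []
    for name, length in HASH_LEN.items():
        if not re.fullmatch(rf"[0-9a-f]{{{length}}}", t.get(name.lower(), "")):
            problems.append(f"{name} is not {length} lowercase hex characters")
    if not re.fullmatch(r"\d+:[0-9A-Za-z+/]+:[0-9A-Za-z+/]+", t.get("ssdeep", "")):
        problems.append("SSDEEP is not blocksize:chunk:double_chunk")
    return problems


def check_report(report):
    """Cross-check the records the way an analyst would before lifting IOCs."""
    findings = [f"{t['target']}: {p}" for t in report["targets"] for p in validate_target(t)]
    submitted, analysed = report["targets"][0], report["targets"][1:]
    if any(t["sha256"] != submitted["sha256"] for t in analysed):
        findings.append("submission differs from the analysed executable; use the Targets hashes for the binary")
    unlisted = {t["sample"] for t in report["tasks"]} - {t["target"] for t in analysed}
    if unlisted:
        findings.append(f"tasks ran files not listed under Targets: {sorted(unlisted)}")
    return findings


if __name__ == "__main__":
    for finding in check_report(parse_overview(OVERVIEW)):
        print(finding)
```

The first record under General is always treated as the submission and every later Target record as an analysed object; for this report the only finding is the submission/executable mismatch, which is exactly the detail that matters when the hashes are pushed into a blocklist.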