General
Target: cbf65115df8613eae9e7a4e21b130f935e908da6763fc3a49c89262ed658b3ca
Size: 304KB
Sample: 240424-k48eaagc52
MD5: a93eb34b60c0c420f9c9ea53965044bd
SHA1: 153712d1fc70c6632d8d65f10f8d7924a528c459
SHA256: cbf65115df8613eae9e7a4e21b130f935e908da6763fc3a49c89262ed658b3ca
SHA512: 6f3594a2d1e221001f8953dfb73378b2246c2a0227ba9486d7276a4797c3b75ce6a6fc0ee481eaceeef474fa473509f6169025410ca4cd8ad6a9eb49ff22add5
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task
behavioral1
Sample
cbf65115df8613eae9e7a4e21b130f935e908da6763fc3a49c89262ed658b3ca.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
redline
spoo
103.113.70.99:2630
Targets
-
-
Target
cbf65115df8613eae9e7a4e21b130f935e908da6763fc3a49c89262ed658b3ca
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-