General

Target: 0d2ad7f78d6bdf3b3156d33994d4d3dda98010d99b7ad0a8be0f10328715b538
Size: 304KB
Sample: 240424-mm9xwsgh69
MD5: 41a5b2dc66d77b7699a4a91f4e119f15
SHA1: 9ae487edcc7a581df4f91950b1c218287860ed8a
SHA256: 0d2ad7f78d6bdf3b3156d33994d4d3dda98010d99b7ad0a8be0f10328715b538
SHA512: 06be92c8a2197ead057858125fb95a11a21e2dd6f3dc8044eaafffc04f2bdf2106b84c829955c50787e2f407a62248ac4ebb3128b4e93559c67d1c76da822761
SSDEEP: 6144:/qY6irwP7YfmrYiJv7TAPAzdcZqf7DI/L:/nwPkiJvGAzdcUzs/
Behavioral task: behavioral1

Sample: 0d2ad7f78d6bdf3b3156d33994d4d3dda98010d99b7ad0a8be0f10328715b538.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted
redline
spoo
103.113.70.99:2630
Targets
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.