General
- Target: cad2999cf9a0da5fc346e8c3194c24648f9bbb8e8d07eb74bee7a92f7119cc10
- Size: 118KB
- Sample: 240507-eppqqscb33
- MD5: 815da7649edacda051597516a5778ed0
- SHA1: d1783f25ace0f318a32566a3d7c81f157d3ae882
- SHA256: cad2999cf9a0da5fc346e8c3194c24648f9bbb8e8d07eb74bee7a92f7119cc10
- SHA512: 35854304ba27133dad0e5147ea5cb9fcd1f35f31fd8f0766212f98baaa41beb39edb5383b1615f595452c330168c510408679365bd79ef0e02a88db6348bef34
- SSDEEP: 3072:AlYUjNmEHqIjosHlWd1AZb99QIS3rb8asq7paPH5:9L8lWMZ/QIS/8appe
Static task: static1
Behavioral task: behavioral1
- Sample: cad2999cf9a0da5fc346e8c3194c24648f9bbb8e8d07eb74bee7a92f7119cc10.exe
- Resource: win10v2004-20240419-en
Malware Config
Extracted
- redline
- 708370717
- https://pastebin.com/raw/KE5Mft0T
Targets
- Target: cad2999cf9a0da5fc346e8c3194c24648f9bbb8e8d07eb74bee7a92f7119cc10
- Size: 118KB
- MD5: 815da7649edacda051597516a5778ed0
- SHA1: d1783f25ace0f318a32566a3d7c81f157d3ae882
- SHA256: cad2999cf9a0da5fc346e8c3194c24648f9bbb8e8d07eb74bee7a92f7119cc10
- SHA512: 35854304ba27133dad0e5147ea5cb9fcd1f35f31fd8f0766212f98baaa41beb39edb5383b1615f595452c330168c510408679365bd79ef0e02a88db6348bef34
- SSDEEP: 3072:AlYUjNmEHqIjosHlWd1AZb99QIS3rb8asq7paPH5:9L8lWMZ/QIS/8appe
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of SetThreadContext