General
Target: 0f4dcff379d19d306dfc50eb6cbf1cb259e73762b1b13d8427874b87efe4807f
Size: 267KB
Sample: 240509-gjaezagb69
MD5: 75784927e58273f6ed2fea6bfb71fbef
SHA1: 5f80cf17578456c4845ecb9eea18ef92fd103bc6
SHA256: 0f4dcff379d19d306dfc50eb6cbf1cb259e73762b1b13d8427874b87efe4807f
SHA512: fb6febfc3bea565662462dc02326c8c9045d7db170edaa5052e67f7a043c7a03c7d8c33f8e43d32fc5c53e54072c00582553d06cfcef72879b87e1e4716389fe
SSDEEP: 6144:XdcllhS4qdxjPxUUsnNJHgYussMG9lpC+2mmKU:Na/SNRWHvussMGbOKU
Static task: static1
Behavioral task: behavioral1
Sample: 0f4dcff379d19d306dfc50eb6cbf1cb259e73762b1b13d8427874b87efe4807f.exe
Resource: win10v2004-20240426-en
Behavioral task: behavioral2
Sample: 0f4dcff379d19d306dfc50eb6cbf1cb259e73762b1b13d8427874b87efe4807f.exe
Resource: win11-20240426-en
Malware Config
Extracted
redline
5345987420
https://pastebin.com/raw/KE5Mft0T
Targets
Target: 0f4dcff379d19d306dfc50eb6cbf1cb259e73762b1b13d8427874b87efe4807f
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-