Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
44b4bcebb65ef3058dd0189d67e6ed3cd018d527f7ed9772f7fe58404dd764c8
-
Size
267KB
-
Sample
240509-hbe6xsee2z
-
MD5
5232a0dfae271edf2b92d8fa8ac2d405
-
SHA1
aa8e640e4ce0e24bbc4db189f1fa4fbdb0260448
-
SHA256
44b4bcebb65ef3058dd0189d67e6ed3cd018d527f7ed9772f7fe58404dd764c8
-
SHA512
8b1ddb476db3059ac6ae5f415e7f84545afc405b61fa20a7b10d687078359df9f2e1ae2d18556b8547e87133c0b70aa425afaa3c0ed16238d5dac9c991edf694
-
SSDEEP
6144:ZYcllhS4qdxjPxUUsN+i6vMlrobXuEbIxmmKU:ya/SNRS6vMWblbIpKU
Static task
static1
Behavioral task
behavioral1
Sample
44b4bcebb65ef3058dd0189d67e6ed3cd018d527f7ed9772f7fe58404dd764c8.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral2
Sample
44b4bcebb65ef3058dd0189d67e6ed3cd018d527f7ed9772f7fe58404dd764c8.exe
Resource
win11-20240426-en
Malware Config
Extracted
redline
7001210066
https://pastebin.com/raw/KE5Mft0T
Targets
-
-
Target
44b4bcebb65ef3058dd0189d67e6ed3cd018d527f7ed9772f7fe58404dd764c8
-
Size
267KB
-
MD5
5232a0dfae271edf2b92d8fa8ac2d405
-
SHA1
aa8e640e4ce0e24bbc4db189f1fa4fbdb0260448
-
SHA256
44b4bcebb65ef3058dd0189d67e6ed3cd018d527f7ed9772f7fe58404dd764c8
-
SHA512
8b1ddb476db3059ac6ae5f415e7f84545afc405b61fa20a7b10d687078359df9f2e1ae2d18556b8547e87133c0b70aa425afaa3c0ed16238d5dac9c991edf694
-
SSDEEP
6144:ZYcllhS4qdxjPxUUsN+i6vMlrobXuEbIxmmKU:ya/SNRS6vMWblbIpKU
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-