Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6741290e801efcde6acb6ff03e3b543463bf7bd399a10f6544af419f932321c6
-
Size
332KB
-
Sample
240509-xzwadaae9s
-
MD5
2785970b40ee59c74ed08a80f670cf59
-
SHA1
3bd513a047d07542923fdda12233b6bfb0d3d4e9
-
SHA256
6741290e801efcde6acb6ff03e3b543463bf7bd399a10f6544af419f932321c6
-
SHA512
1f433a2b25742ef7ae3ec4038d4d42b27b209a33b6feece35f8570925a368b5d5e6edf48d4c100be27c550c5deab479209c33d62f45b07aa4e1e7d1d85033f9c
-
SSDEEP
6144:T1Bwp/lwz9PI8/T6f5mUz7S3RMyghw1PPmfwjWlltD+0Xp:TPjz9PI8/TzeygSdPIwjWNy0Xp
Malware Config
Extracted
redline
7001210066
https://pastebin.com/raw/KE5Mft0T
Targets
-
-
Target
6741290e801efcde6acb6ff03e3b543463bf7bd399a10f6544af419f932321c6
-
Size
332KB
-
MD5
2785970b40ee59c74ed08a80f670cf59
-
SHA1
3bd513a047d07542923fdda12233b6bfb0d3d4e9
-
SHA256
6741290e801efcde6acb6ff03e3b543463bf7bd399a10f6544af419f932321c6
-
SHA512
1f433a2b25742ef7ae3ec4038d4d42b27b209a33b6feece35f8570925a368b5d5e6edf48d4c100be27c550c5deab479209c33d62f45b07aa4e1e7d1d85033f9c
-
SSDEEP
6144:T1Bwp/lwz9PI8/T6f5mUz7S3RMyghw1PPmfwjWlltD+0Xp:TPjz9PI8/TzeygSdPIwjWNy0Xp
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-