General
Target: Solara X.exe
Size: 621KB
Sample: 240514-15ljxabe65
MD5: 1e536c847123313a6e252dd5a5d48a5d
SHA1: bac2343eb16adae849200a806de69feaa33e9723
SHA256: 8240313dbd2ede98273fe7f6e32bff11d308b303cce509d6c6f4270f82b9be04
SHA512: 8f39905a2aa99595a1d081c558656eeade2f67e01d9c4cef7fa0d964f525d3ab1c7902393c963c07f70cccc1eac58a529569abd9b90ab51283687502537763c8
SSDEEP: 12288:0YXlzuhD4WzJCQ/iGwbAYjqoAyB6Mh1g6B88hA9reI6hrAftl3qui54nN++pI4zr:0YVTcLiGhoAyoMX
Static task
static1
Behavioral task
behavioral1
Sample: Solara X.exe
Resource: win7-20231129-en
Behavioral task
behavioral2
Sample: Solara X.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
redline
194.26.232.43:20746
Targets
Target: Solara X.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Loads dropped DLL
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext