General
- Target: final_build_winmacos.exe
- Size: 1.2MB
- Sample: 240516-zmpyyafg3x
- MD5: de967fcbdf2b61b7bdd96d06369293c7
- SHA1: 55f4681769b9c8aac9af72d48a55cb55b9e67153
- SHA256: 28e37e2fff2cc00ad7e09d18aea0bb2d57ed707938727ec7b773eb73d82547f4
- SHA512: 2d7d65b25524e7ef7b12f49f842c1f389f74cbc3a82b93c0da4dd3305a14a3bc82d7ea1b88527fe7bd775e7897da5ccc11b5550a35a662d8ec0097471eb2de7f
- SSDEEP: 24576:lKxiiAH280V6GfVDeRzFZMskrfQDDOdJtS+JTpAs:lKAOV6GfVDePegO9VJas
Static task: static1
Behavioral task: behavioral1
  Sample: final_build_winmacos.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: final_build_winmacos.exe
  Resource: win10v2004-20240426-en
Malware Config
Targets
- Target: final_build_winmacos.exe
- Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext