General
- Target: b3b20879435d7d70a86da573a957fcb3.exe
- Size: 15.2MB
- Sample: 240528-snfnbsaa7s
- MD5: b3b20879435d7d70a86da573a957fcb3
- SHA1: bd2f12135c006bc472f4b1df3b6262015c58d84b
- SHA256: 30d995dc0ef6dfcba441aa7dd0fea9f0b06b45761e41262ebd28985b07b531bf
- SHA512: eba24fa9b458b084f131a7f546d8ad0758f06ea87ac151265826f07de642bf3f8cf991cf39421b82de272720e4ce6c90fc190266d34ace6cd6efdd1a3eef37ef
- SSDEEP: 393216:TCvQ2nevfp3uEJWQsUcR4NzK1+TtIirvB5IjWqkzw:z2evB3uEYQFS1QtIo3ILr
Behavioral task: behavioral1
- Sample: b3b20879435d7d70a86da573a957fcb3.exe
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: b3b20879435d7d70a86da573a957fcb3.exe
- Resource: win10v2004-20240508-en
Malware Config
Extracted: redline
- Raijin, Mybestdog
- 51.195.53.197:13914
Targets
- Target: b3b20879435d7d70a86da573a957fcb3.exe
- Size: 15.2MB
- MD5: b3b20879435d7d70a86da573a957fcb3
- SHA1: bd2f12135c006bc472f4b1df3b6262015c58d84b
- SHA256: 30d995dc0ef6dfcba441aa7dd0fea9f0b06b45761e41262ebd28985b07b531bf
- SHA512: eba24fa9b458b084f131a7f546d8ad0758f06ea87ac151265826f07de642bf3f8cf991cf39421b82de272720e4ce6c90fc190266d34ace6cd6efdd1a3eef37ef
- SSDEEP: 393216:TCvQ2nevfp3uEJWQsUcR4NzK1+TtIirvB5IjWqkzw:z2evB3uEYQFS1QtIo3ILr
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.