General
-
Target
MultiHack v1.7.zip
-
Size
3.7MB
-
Sample
240612-e6ft6a1cmr
-
MD5
8f23df152d21164e65c9ec0075438092
-
SHA1
d7da33a9562eff23285b9c3c03663f7d486a8cfd
-
SHA256
9e5350ebbbe71cde0e195735289355187d11af0ce0b625cb16ded5f0f3b98744
-
SHA512
c3be73b3d9fd59c4db5155afaa47beb36903fa8c0680f25f1ebd7ffc067aa7b78b9358deba96de95fde1725b2bb10bebd71221dd097a976556dfad9a3b14af0a
-
SSDEEP
98304:WOMjLhIEsDwTDhjgUqLGEjYOjS6qmRsjOmdYS01jjMT:NMjdIZER+SGsjf0BjC
Static task
static1
Behavioral task
behavioral1
Sample
MultiHack v1.7.zip
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
MultiHack v1.7.zip
Resource
win10v2004-20240508-en
Behavioral task
behavioral3
Sample
MultiHack v1.7/Loader.exe
Resource
win7-20240611-en
Behavioral task
behavioral4
Sample
MultiHack v1.7/Loader.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral5
Sample
MultiHack v1.7/README.txt
Resource
win7-20231129-en
Behavioral task
behavioral6
Sample
MultiHack v1.7/README.txt
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
MultiHack v1.7/jvm.cfg
Resource
win7-20240508-en
Behavioral task
behavioral8
Sample
MultiHack v1.7/jvm.cfg
Resource
win10v2004-20240611-en
Behavioral task
behavioral9
Sample
MultiHack v1.7/scripts/actbusy.txt
Resource
win7-20240419-en
Behavioral task
behavioral10
Sample
MultiHack v1.7/scripts/actbusy.txt
Resource
win10v2004-20240508-en
Behavioral task
behavioral11
Sample
MultiHack v1.7/scripts/actremap.txt
Resource
win7-20240220-en
Behavioral task
behavioral12
Sample
MultiHack v1.7/scripts/actremap.txt
Resource
win10v2004-20240508-en
Behavioral task
behavioral13
Sample
MultiHack v1.7/scripts/audio_options.txt
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
MultiHack v1.7/scripts/audio_options.txt
Resource
win10v2004-20240508-en
Behavioral task
behavioral15
Sample
MultiHack v1.7/scripts/bonus_maps_manifest.txt
Resource
win7-20240508-en
Behavioral task
behavioral16
Sample
MultiHack v1.7/scripts/bonus_maps_manifest.txt
Resource
win10v2004-20240611-en
Behavioral task
behavioral17
Sample
MultiHack v1.7/scripts/bugreporter_defaults.txt
Resource
win7-20240221-en
Behavioral task
behavioral18
Sample
MultiHack v1.7/scripts/bugreporter_defaults.txt
Resource
win10v2004-20240611-en
Behavioral task
behavioral19
Sample
MultiHack v1.7/scripts/chapterbackgrounds.txt
Resource
win7-20240508-en
Behavioral task
behavioral20
Sample
MultiHack v1.7/scripts/chapterbackgrounds.txt
Resource
win10v2004-20240508-en
Behavioral task
behavioral21
Sample
MultiHack v1.7/scripts/clientmenu.txt
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
MultiHack v1.7/scripts/clientmenu.txt
Resource
win10v2004-20240226-en
Behavioral task
behavioral23
Sample
MultiHack v1.7/scripts/controller_options.txt
Resource
win7-20240611-en
Behavioral task
behavioral24
Sample
MultiHack v1.7/scripts/controller_options.txt
Resource
win10v2004-20240508-en
Behavioral task
behavioral25
Sample
MultiHack v1.7/scripts/credits.txt
Resource
win7-20240611-en
Behavioral task
behavioral26
Sample
MultiHack v1.7/scripts/credits.txt
Resource
win10v2004-20240611-en
Behavioral task
behavioral27
Sample
MultiHack v1.7/scripts/damagecutout.txt
Resource
win7-20240508-en
Behavioral task
behavioral28
Sample
MultiHack v1.7/scripts/damagecutout.txt
Resource
win10v2004-20240508-en
Behavioral task
behavioral29
Sample
MultiHack v1.7/scripts/damagecutout_ceda.txt
Resource
win7-20240508-en
Behavioral task
behavioral30
Sample
MultiHack v1.7/scripts/damagecutout_ceda.txt
Resource
win10v2004-20240611-en
Behavioral task
behavioral31
Sample
MultiHack v1.7/scripts/damagecutout_female.txt
Resource
win7-20240220-en
Behavioral task
behavioral32
Sample
MultiHack v1.7/scripts/damagecutout_female.txt
Resource
win10v2004-20240508-en
Malware Config
Extracted
redline
@bloodyrain12
147.45.47.93:80
Targets
-
-
Target
MultiHack v1.7.zip
-
Size
3.7MB
-
MD5
8f23df152d21164e65c9ec0075438092
-
SHA1
d7da33a9562eff23285b9c3c03663f7d486a8cfd
-
SHA256
9e5350ebbbe71cde0e195735289355187d11af0ce0b625cb16ded5f0f3b98744
-
SHA512
c3be73b3d9fd59c4db5155afaa47beb36903fa8c0680f25f1ebd7ffc067aa7b78b9358deba96de95fde1725b2bb10bebd71221dd097a976556dfad9a3b14af0a
-
SSDEEP
98304:WOMjLhIEsDwTDhjgUqLGEjYOjS6qmRsjOmdYS01jjMT:NMjdIZER+SGsjf0BjC
Score: 1/10
-
-
Target
MultiHack v1.7/Loader.exe
-
Size
613KB
-
MD5
eaf135289c47813fb42ca5c8725a318c
-
SHA1
b10df8a1ed28477738aa49d13075ae379cee59e4
-
SHA256
d32338a207e0c9389388cebeb45abe709e4dc6fe02d0f8267b478fd2cfeb1760
-
SHA512
c9288aee9876d006ce998753785982c086382ecbfaecb0f6fca7e445ce0f42efe3375771e0d9211f3dadcf09476c607584c09038dd970c325cc1d314ccc0abed
-
SSDEEP
12288:k55CP3Izb3vmJxMtTCGpZo0kidUBHZ2MErqp4tv/D7YmvDeDidYA7j//GrzS3emc:kqPIHmKTCGDoT
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-
Suspicious use of SetThreadContext
-
-
-
Target
MultiHack v1.7/README.txt
-
Size
593B
-
MD5
56ac5cfa302606d805191effada66a16
-
SHA1
0b79424881154ce74ca5b5aeb217cc302425b1fc
-
SHA256
6d816df54c5d2be2396257bf3fbe345a10fafe78766e13b727f49e09793d66eb
-
SHA512
c28905e539adf0d471d7ac8bfb8bf887f179160c15f41880f55d8b0bd4ecf35238e70fd7f9484371b78c796447a46186210710f33f24360896cc292a76b7c160
Score: 1/10
-
-
Target
MultiHack v1.7/jvm.cfg
-
Size
4KB
-
MD5
e9da54c707da4e8ab2306b9f7c5f30ae
-
SHA1
f229561832df50b9b2bbea74c7234423d9e0a61f
-
SHA256
76c6dedcc8f51e80c08b8bead23af8168ffa0de26c57e546cefff2f4cf318bcb
-
SHA512
d1be773d908e4eb1cdb34a3d4b9a4b2c179026711893f81cbbbeb0571388f5d44b0ade12c351e4f81439a7afd5dbfe1445d1bdd142c4c31ccf4d1ddb6ad45931
-
SSDEEP
96:si28cXGJMpOMRVF4U6Awknpwuwjv3EgYWb8hsqWPMWMrEWBnKvTgWTWekqP3sA7L:pch/K
Score: 3/10
-
-
Target
MultiHack v1.7/scripts/actbusy.txt
-
Size
15KB
-
MD5
d763b32d55c33aaa35d84b585a53a379
-
SHA1
3dc086805ff3c4599e45abd6784280437ac67fea
-
SHA256
afd4677654c86372826ac4be0e41c48c33abdbab72a709e1f476c34abc52f82d
-
SHA512
1276a7c16d1bf751c8289030bd0a5340758022b77232b785872f86dcd6f2b6c0b7ed77e30904731bc7563ed23c9d44e9a8fa47e6b442942d300dca6f8a97c65c
-
SSDEEP
96:sHk6/2MMr2xb+LN1yxaeky2ySutP3dvZ26UCN/OCOgM40kAvpOi3HUbAU/2CxGE/:6V02b+LWx5tP3dvDN/Z5jxGEqxKroe
Score: 1/10
-
-
Target
MultiHack v1.7/scripts/actremap.txt
-
Size
4KB
-
MD5
f83aee55b22442f691bc778dc8098f63
-
SHA1
bd6ddb194c4f8085c1cf7a1319bf9d11c041e7da
-
SHA256
c2b67cfac752e75a79cfcfc72443bf7056f7e769489f638963788dd2215c549c
-
SHA512
dad3a988fe85414888061c16c78dcbce275161d8898c13e12a10db907037b9ee67e0f17c3e994b201e7b5cea88f474e418332630a8c521b54c79fb72189178c3
-
SSDEEP
96:0Ha6jb1v46FeqqJbKPJuZLJBKLJYq9JfJNOAOpqZJLJ1OkOw:b6X1VWJbKPJSJBKLJVJfJNOAOkJLJ1O8
Score: 1/10
-
-
Target
MultiHack v1.7/scripts/audio_options.txt
-
Size
4KB
-
MD5
d9f440fb788a0c9d29f4e4d1e7a0313a
-
SHA1
0f4c2b123b62727c2acf64a3bdd18581d078e000
-
SHA256
f379f2f36476831900d165eba21514d0c3fdba1a15c7306bade0c7d4ff44bcd2
-
SHA512
5d86a9743d1a630f84b4c932e62e13665a20d43d16709d00e64f4e6f5d35f273436165d0bf239986e27dafcd32eb926e7b3ddde269df3f929ecd6b8117f88dee
-
SSDEEP
96:GQ+lBQ+0y+Gqy+Oyy+9y+iy+Ry+Py+2h6y+ky+U:s9yhe
Score: 1/10
-
-
Target
MultiHack v1.7/scripts/bonus_maps_manifest.txt
-
Size
43B
-
MD5
202c4a9d2d9aca6da3676c9e54b5e2b7
-
SHA1
81a2af1ced9353891d9df68b79650c62ce0f03b4
-
SHA256
7ceabfaf88ce7a25fb60adff6eef71cd9ab66cb5984c0d2d510318d493b8e61c
-
SHA512
8a71d84c64ed0e17ea2b1f99dc7d338ca24db5429594bc128b0c46543b2aa7246ddbdc53f61fd6af6020c801b754f51cf96054f7e8f6cc6a1d6970f247e41c87
Score: 1/10
-
-
Target
MultiHack v1.7/scripts/bugreporter_defaults.txt
-
Size
19B
-
MD5
ccb652b81adfaba6974e3887b3df800e
-
SHA1
c25c4857ff14fb3b73462a3e04b3daa6286c3564
-
SHA256
2cb6de377ded7f799694df38f83c446d1fd41e61d6eb6f16008072ebd4933448
-
SHA512
0939cf2a1d749bf34ea34a1ea23da0c05e6724b40d00cf7451fbfbf101a69f1a9dc39652a85cd6c3b3dfdbcc580cda83896c16ba50e6fdd8156e8f0ba88af27a
Score: 1/10
-
-
Target
MultiHack v1.7/scripts/chapterbackgrounds.txt
-
Size
37B
-
MD5
1e81f5e15466f87fcf870f75080612ee
-
SHA1
71b506dcd9c01947203cef8ccb7095b97f35dce8
-
SHA256
9bbedd3e085bfe5c469a54f732589813ed6af1d05b64f1bf08fcb0fb90c52dc4
-
SHA512
c850f84f453c0fa748c929873a1d23f74856b52bcae15cca82577a42f42bb437cd9a59c48a51c0e24544fb29e2968d1f02e534cca76cb3d2a0151fc70ac1b22b
Score: 1/10
-
-
Target
MultiHack v1.7/scripts/clientmenu.txt
-
Size
6KB
-
MD5
d80932b6bb50903f23b5a4efdcbf41f3
-
SHA1
5a4691830d5eade69feb0c94f0d3adbbd56873c5
-
SHA256
dd775b8bf839a2be6e8c62be9effde60b6788b980001bf20a5655acfb53e6ac4
-
SHA512
4b3dbc0ce19d943ca82dccb06f865caddc81edd223becf13aca503a14e3a7df7982ed2e819414bbf2ae4e60acf599fe9f6c827161bd9773a9da29364131efa55
-
SSDEEP
96:h9x0KtKLJoAyxcJx3z0Mb6vlAlilylrcEQw3RQdQCQz3N/3f:LK9oAyxcJx3R6qcE/3Rc3U3Nff
Score: 1/10
-
-
Target
MultiHack v1.7/scripts/controller_options.txt
-
Size
6KB
-
MD5
a300f751268f4b5245852bbffef58ee3
-
SHA1
fa4e46b1bb102f1829718a117178fb276af711c5
-
SHA256
828a5fb1b7677e40f6bfbf613e5b6e90cf6a3baf051caa7ffceb64f61ff7754b
-
SHA512
68ff02e38a447010b1458dd6fd996090fd2e2b68c2406b1da8c99114c5251803c5cc31e6e0d3f93a3e4f20c73acda0ab7e9d14ade066acb6264b5ecc06017c9a
-
SSDEEP
48:bngsJsVvsHa0ysjThsjJy5tM3FDsL5+CFDsL45Qs2L3YsuYMUe/lIPIR1ldt1XFB:8IaXy43FDQJFDL0LIDisxNq2cDtHt3q
Score: 1/10
-
-
Target
MultiHack v1.7/scripts/credits.txt
-
Size
8KB
-
MD5
983d4bdae61208bec7abc5b3ca90cfa0
-
SHA1
bb8ee1e7a573f534296f27c1765e86b2485634ac
-
SHA256
0c1a72c59da09f61ff3d3011fa8a798766ac167452c19bd4db092715b9d83ace
-
SHA512
8350359855d2d793a26f1b1a80cc4f5cd495875d56f6a2882b014e44d9aa2503447c9f481ab898f978bb68186f0e0894d7475fc5ef4331dd7bc768b5ac69d199
-
SSDEEP
96:LJCt8psGFw8NUnBNKYznm7z7yXYWware9jjz9U5UcangO83JQqwSpOhlGLOoZ9aR:0tR/Znm7fy7eX7cagHkOcmV4TFWm
Score: 1/10
-
-
Target
MultiHack v1.7/scripts/damagecutout.txt
-
Size
22KB
-
MD5
e64857cf92b6565dab38838a2e92ea67
-
SHA1
c74ea6e46de465f5f4dc62af831fe83d8d49c6c8
-
SHA256
fd31b2f7d9d0fcacf36a14ab0791f3db99d4c6d3474f03301acbefc4543d379c
-
SHA512
bd2cc635efa539f6307d83cb6e5960ba214f328e3530ca9e24d63fd9b666f38577d7c2a8eb32668099e9859010ffcf1391a04ee541be66c8be134d9678c9dc9b
-
SSDEEP
192:Yg5r9O4uGiNKptEDATB0zdEiA4ZVSLBTolbobpn:Yg6G+ATB0z5AgGBThbpn
Score: 1/10
-
-
Target
MultiHack v1.7/scripts/damagecutout_ceda.txt
-
Size
12KB
-
MD5
f06651f3af4548e13ca1c6c469cb5ebc
-
SHA1
cfeec9e81fa2a404f3ec48b36c62d864ae3245ab
-
SHA256
92a628450dc3328ee33e8c7437112587840cf860c526216930df35f0329729a9
-
SHA512
5875a20ea0cf9e050fd3db5d209558397310db6c7adfe8457dfd09da9c506c2abbefb7ed902e5d1b347fb37add9e34f770b3416c9f6f12379436662502b722e8
-
SSDEEP
96:hQxuG58PpXRXGKJGOpXQ+X5oJ1EpXPyX5oulopXe/O2oespXVSI+V44pX8xx424q:C/5peniDATB6dlEkA4ZLQSBdzrpY
Score: 1/10
-
-
Target
MultiHack v1.7/scripts/damagecutout_female.txt
-
Size
22KB
-
MD5
7624c8d64a6a5ae9d8bad827a70c637a
-
SHA1
0b2418bc25521bc56675a056185c14919de780e4
-
SHA256
3db9c42023c211d8d6609256fd618b725d03b01570f61a8e4d295345d2677db8
-
SHA512
27ab317f449a40308de3b0e2a55425052d98942e97e3ea1e94ab8ca91eaee41dfa226f02e4166d64a7a67047490ad2a59a8a2da9d64cf0b28a77bef1b99c478e
-
SSDEEP
192:fN15CX/5snzvfATBxzuE44Z7KrBTF7BHMX:fNvJTATBxz2g0BT3HM
Score: 1/10