General
Target: 8d0a88fb92cebd99e9104f62855693e0217df0a79bf91600281c986387ccef3a
Size: 751KB
Sample: 240614-bj6khsygrd
MD5: 7f19560c3e3968a7fa94beaf1ddcb636
SHA1: 65db45b284de8a5c5d77cf8673c732a98cb16361
SHA256: 8d0a88fb92cebd99e9104f62855693e0217df0a79bf91600281c986387ccef3a
SHA512: bb0a1bc7d0b6e30c331c1f1a5597a45482d7d91e97158d576381ada74af4f526e482c0cb4c73fb1d20606f46d2f2e531385e5ec14803697cf19a4bd0aa3fdb53
SSDEEP: 12288:lMrLy908zdk4hMXuDzpmrrXrO8+/UJHc6qoEiD8Zi7sEV10sFn5A9oDHDPq1QGAV:qy3hk2DzIbO8goHc6JEm8VEV1ddv+1QB
Static task: static1
Behavioral task: behavioral1
Sample: 8d0a88fb92cebd99e9104f62855693e0217df0a79bf91600281c986387ccef3a.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
redline
diza
185.161.248.37:4138
auth_value: 0d09b419c8bc967f91c68be4a17e92ee
Targets
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Detects executables packed with ConfuserEx Mod
Executes dropped EXE
Adds Run key to start application