Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

Injector.exe

windows10-2004-x64

10

Injector.exe

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Injector.bin.zip

  • Size

    753KB

  • Sample

    240625-xyqy9szfrl

  • MD5

    2e2d8db27d461e403c92955d4f9e92a6

  • SHA1

    52787837513ce948a3f2405cca2d837e9441bd14

  • SHA256

    450ba87bdd1d8aa6bbd6e8a5f5a1ded24a4133b4ffde46002b281a0f18216589

  • SHA512

    22f51fc755d613fd71f9df7b9660e259cec87a2f0dd2760dd394f16659627d239f2e153b152492c68ed5d1b14114e69d3e1eba6522603f8e6362b8848c99395b

  • SSDEEP

    12288:/c9SxbvSoXNR5Tn2+21M/OE2eQIviZt/negy22fnEdKEIQgkJRk/TNPPcwJG6bvU:/TBvJD5T2+zd96Zt/n222fEEEIQgkYT+

Score
10/10
redlineinfostealer

Malware Config

Extracted

Family

redline

C2

185.215.113.69:15544

Attributes
  • auth_value

    f8fe4a8075f18f92567eec19f355197c

Targets

    • Target

      Injector.bin

    • Size

      2.6MB

    • MD5

      1e927277321ea1ad6ea6adb21b93ecd8

    • SHA1

      e9f631c34c72ba0ea2cba5e8a43a5e25971a7960

    • SHA256

      734ea8ecd523dc64cca5a8c4c0541bef85d30caff7c5f90c68071716ed1f9957

    • SHA512

      5f80620b7ead02fca31f65b3322a9bdbee5f17c53c5c4e957cef0c57246f1af25421a7dc8f81e1099f9a67b6d8c0da9eb09a78d5e3b7edad82be3b363aefc94f

    • SSDEEP

      24576:eOuJEYEHyIvTv3YlYhIEY3uuMfqdKrRNFPVHKyako+LhVag+eyjtLjHuvLl3RuQi:LuJxESIvTscrDakXadeyjtGvLl3C

    Score
    10/10
    redlineinfostealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • RedLine payload

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks