General
-
Target
Injector.bin.zip
-
Size
753KB
-
Sample
240625-xyqy9szfrl
-
MD5
2e2d8db27d461e403c92955d4f9e92a6
-
SHA1
52787837513ce948a3f2405cca2d837e9441bd14
-
SHA256
450ba87bdd1d8aa6bbd6e8a5f5a1ded24a4133b4ffde46002b281a0f18216589
-
SHA512
22f51fc755d613fd71f9df7b9660e259cec87a2f0dd2760dd394f16659627d239f2e153b152492c68ed5d1b14114e69d3e1eba6522603f8e6362b8848c99395b
-
SSDEEP
12288:/c9SxbvSoXNR5Tn2+21M/OE2eQIviZt/negy22fnEdKEIQgkJRk/TNPPcwJG6bvU:/TBvJD5T2+zd96Zt/n222fEEEIQgkYT+
Static task
static1
Behavioral task
behavioral1
Sample
Injector.exe
Resource
win10v2004-20240611-en
Behavioral task
behavioral2
Sample
Injector.exe
Resource
win11-20240611-en
Malware Config
Extracted
redline
185.215.113.69:15544
-
auth_value
f8fe4a8075f18f92567eec19f355197c
Targets
-
Target
Injector.bin
-
Size
2.6MB
-
MD5
1e927277321ea1ad6ea6adb21b93ecd8
-
SHA1
e9f631c34c72ba0ea2cba5e8a43a5e25971a7960
-
SHA256
734ea8ecd523dc64cca5a8c4c0541bef85d30caff7c5f90c68071716ed1f9957
-
SHA512
5f80620b7ead02fca31f65b3322a9bdbee5f17c53c5c4e957cef0c57246f1af25421a7dc8f81e1099f9a67b6d8c0da9eb09a78d5e3b7edad82be3b363aefc94f
-
SSDEEP
24576:eOuJEYEHyIvTv3YlYhIEY3uuMfqdKrRNFPVHKyako+LhVag+eyjtLjHuvLl3RuQi:LuJxESIvTscrDakXadeyjtGvLl3C
Score
10/10
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Suspicious use of SetThreadContext
-