Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
602a4ddfabfe7c1b5fa31290e5295a89.bin
-
Size
124KB
-
Sample
240705-cb94easbpe
-
MD5
23d5e75f49c5e3d3d78a77f34e318bd5
-
SHA1
fd25302a55348cec9a74182f0d93e1c3ceddba90
-
SHA256
025c50dc386c2be79d51d68465d02c97887696b9308af622b169cc51f6c55aa4
-
SHA512
a5cd8d24c541b6983fc9507cda3760faa1215c1fcf3f5cae817e0970d5b87f95662202808fb4ffb5e119a9e0b0a1df08783a49e5ac2ba058d9f535965d4aae4f
-
SSDEEP
3072:lr3IFZ5RdITmom1Q4DvPJGISUGJ3K+157Z9E3zAMn8Uq:lr3AcpgbPBvGJ3Km7Z9EjAonq
Static task
static1
Behavioral task
behavioral1
Sample
364e1e1ec53644f83d25bc6457b64f5517c3ae19cf17cc725c91fd3faeba17ba.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
364e1e1ec53644f83d25bc6457b64f5517c3ae19cf17cc725c91fd3faeba17ba.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
redline
foz
79.110.62.16:1912
Targets
-
-
Target
364e1e1ec53644f83d25bc6457b64f5517c3ae19cf17cc725c91fd3faeba17ba.exe
-
Size
648KB
-
MD5
602a4ddfabfe7c1b5fa31290e5295a89
-
SHA1
faf33c2b48f6f4f9f6937cbd63655bcd7072677a
-
SHA256
364e1e1ec53644f83d25bc6457b64f5517c3ae19cf17cc725c91fd3faeba17ba
-
SHA512
8a18dd7501e9a509558f858ac684dd5030aff62a073f6307de4d4d27c0a6b39d824f637c7305c648cab23ad68d54a6eb8b62d23e667c3f04c01641e22ca56ad1
-
SSDEEP
6144:YgZCAQw89v2xG/o58ZsyW0YRpM8q94nhOc8mf4H444l:SAu8OWe8q9wOcr4H444l
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-