General
Target: D496EBB55135A8F961ED737136D27748.dll
Size: 441KB
Sample: 240713-1qgbmsydjq
MD5: d496ebb55135a8f961ed737136d27748
SHA1: 7673817b6ab95b8bb11bc1fbad6ad3dc8c93da48
SHA256: 29244f052351066085789c89168afb6ea928ce20a9d0061694babb6e562dd117
SHA512: 9afc745aeb2bad4960aa267377b71caa6a2636a9eff737904b27e2c9853f7a9de74967fb99e5858cf000821b678d44aa9878801057c1f4377351649c041db869
SSDEEP: 6144:AyuJWVtH+pv7DvmbfT101JohJFQE8tILgB1X7h6gWxG:AvJqtWvmbJ0bohJwILgB1X7v
Static task: static1
Behavioral task: behavioral1
Sample: D496EBB55135A8F961ED737136D27748.dll
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: D496EBB55135A8F961ED737136D27748.dll
Resource: win10v2004-20240709-en
Malware Config
Extracted
redline
478596
91.92.249.24:4808
Targets
Target: D496EBB55135A8F961ED737136D27748.dll
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Suspicious use of SetThreadContext