General
Target: BLTools v2.7.8.exe
Size: 6.0MB
Sample: 240713-28hsvszhmk
MD5: 18e51393ff0524593ae38fd47c9515ca
SHA1: 9a5705539d6f310ca79dfd25aa146ec42a3353bc
SHA256: 90ec6b9de003940106cfcdc8403d0755c2a0e2e185e26077e9ee2989bb6eb319
SHA512: 8475c4a06ac9ae7bad83679f0d7ba1c0c5a367df821dc695a36493df058fff319910c2567993ee02ef85d5f0be847e889e566254b35ba594358b5907cc1eb426
SSDEEP: 24576:OUWdPtcKrMDCwSDyFf9/4yH6DPOa0QNOou7Oq:OUWdlcmMDCwXFwyH6DPOaXOou7
Static task: static1
Behavioral task: behavioral1
Sample: BLTools v2.7.8.exe
Resource: win10-20240611-en
Malware Config
Extracted
Family: redline
7189937467
https://pastebin.com/raw/KE5Mft0T
Targets
Target: BLTools v2.7.8.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
Legitimate hosting services abused for malware hosting/C2