General
  Target: Software 1.30.1.exe
  Size: 596KB
  Sample: 240713-t3mkvs1ale
  MD5: 5f2f1a442fe547ffaf2d66c598f5375b
  SHA1: 18b22ec530ef3fbaf17cc7f68570d7040c8cee32
  SHA256: eaa963864ffeb7d669b61683fef96465ae3b8830943686e2eae848b028a8d2cb
  SHA512: 1922d7e6b7405e53edf90d1b9e431531d2b1a5c20b9eb4a025f50eeaf1be42ecaf2a46d03938012c0203eb600960ce06e8d719c8dfc62a61af8f392df5265aa7
  SSDEEP: 12288:0Nmn79/KrdfJgMJ8GsQmz80v9ZiPqJWLM2LEA6oe6m+mppVOd36U2Dv5sNJL02aJ:Qmn79KjgQcv3l
Static task: static1
Behavioral task: behavioral1
  Sample: Software 1.30.1.exe
  Resource: win10v2004-20240709-en
Malware Config (extracted)
  Family: redline
  Botnet: @fgkyleoff
  C2: 85.28.47.132:80
Targets
  Target: Software 1.30.1.exe (596KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
Score: 10/10
Family: RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures
  - RedLine payload
  - Loads dropped DLL
  - Accesses cryptocurrency files/wallets, possible credential harvesting
  - Suspicious use of SetThreadContext