General
- Target: ed201a1ddf68847ec6c32b104a5675a082f1b02ddcc136d994e74282321dfea7
- Size: 338KB
- Sample: 240714-3q8r1axgqp
- MD5: d37e9041994348d5c1081ba9ebe45848
- SHA1: 4fb8f38f1946f0105c1d8f8b6f54016db737dd5e
- SHA256: ed201a1ddf68847ec6c32b104a5675a082f1b02ddcc136d994e74282321dfea7
- SHA512: fcdb826f8f4856d2a99761c6c2ee5c7c106e8d9c322e45a55de8ccce805ec05e37528edc47ad1d795f786c91130600c1a57418fb48fd5ec4dd1bb689af7fcc10
- SSDEEP: 6144:VwDSC/xpP+AegMMtRvu3LqBO/QWrM2OhkPNEtXKAJXODsEPG0c2di8vEO:VMpP6gMESRAa+XKkO9PGyi8vEO
Static task: static1
Behavioral task: behavioral1
- Sample: ed201a1ddf68847ec6c32b104a5675a082f1b02ddcc136d994e74282321dfea7.exe
- Resource: win10v2004-20240709-en
Behavioral task: behavioral2
- Sample: ed201a1ddf68847ec6c32b104a5675a082f1b02ddcc136d994e74282321dfea7.exe
- Resource: win11-20240709-en
Malware Config (extracted)
redline
6951125327
https://t.me/+7Lir0e4Gw381MDhi*https://steamcommunity.com/profiles/76561199038841443
Targets
- Target: ed201a1ddf68847ec6c32b104a5675a082f1b02ddcc136d994e74282321dfea7
Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext