General
Target: podrebro.zip
Size: 59.0MB
Sample: 240714-hk3ctazgpk
MD5: 099e8c57a00d32582e52142fe56ff139
SHA1: 546e734f1d7d486b47635c8aa610e6b3a229ffc2
SHA256: 7706a695da0b080283cb224d820e8e3976ea32c8845c71362af539ddcaf30fa3
SHA512: 6c967650c00d3c8c90a9787321ffddb330c26173d92990778b4bfc32d6261ac9d0e5b3c635b6731489c39956417c653bf6990c251d6685c3614e521d96efd376
SSDEEP: 1572864:puPDz3bj8z15h6U9f8NFx8LdAtkH+xg+recPWNW2/LfGU:Mb/21f6Uh8odAtkeg2WzR
Behavioral task: behavioral1
Sample: podrebro/safeline v2.exe
Resource: win10v2004-20240709-en
Malware Config
Extracted: redline
185.196.9.26:6302
Targets
Target: podrebro/safeline v2.exe
Size: 1.4MB
MD5: ea1bb9072eb5de3f8ab97136c4356413
SHA1: 13712e211ff8a312713e3898b76302fe99f77608
SHA256: 8062c187f15a2d4662ea5c7beb919159e992966d56ba29d1067516edb35d4aa9
SHA512: a14ab330221d2895000c7a8abc516f352dc6197f7a54fbe890d295190794eb0cc08fc9e6fb6a3a783e2a7a6ad3c544ffc1638e2f0eee1c184e8a5ce170fc369f
SSDEEP: 24576:5UsajnFmkLlnKZGMZQx/OkmuRgsOK1pf/OGQdZUkWNN:5U0IMZQx/OkmuRgsOK1pf/OGQdZUkWNN
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext