General
Target: 29655aaef91cebf364f529a19c1b435834cb0ea08e976b77765d202d5b6d056f.exe
Size: 2.9MB
Sample: 240714-kvdtbawfle
MD5: 42208ec96d3a525eb6c8fb7039dc680a
SHA1: d32a62d8f0f3ae105196b8ce7ca9d4fdf3aaae4e
SHA256: 29655aaef91cebf364f529a19c1b435834cb0ea08e976b77765d202d5b6d056f
SHA512: bd97e212e436d491ea6a2fb175ee268d4b7ee927c8817c71a6d5dbc99614e2f17878f35ed0d0aecffc01ec97739efa0d55d036ce0038a1d95965bbc2174abf10
SSDEEP: 49152:ivFJ0Ig1/QIWcu54qQ+lZDK5HPo484AdEtZW3TANROzu8fmyc9mqU:E01obt6qQeDgHiXqwIOFfmy+
Static task: static1
Behavioral task: behavioral1
Sample: 29655aaef91cebf364f529a19c1b435834cb0ea08e976b77765d202d5b6d056f.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 29655aaef91cebf364f529a19c1b435834cb0ea08e976b77765d202d5b6d056f.exe
Resource: win10v2004-20240709-en
Malware Config
Extracted
redline
TG-Source
amrican-sport-live-stream.cc:4581
auth_value: 1a3c2a146bad47603eedf589c29c4868
Targets
Target: 29655aaef91cebf364f529a19c1b435834cb0ea08e976b77765d202d5b6d056f.exe
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext