Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f7891ca59e0907217db3eeafbe751e2d184317a871450b5ec401217a12df9d33.exe
-
Size
297KB
-
Sample
240714-l1bftawbnn
-
MD5
a20fc3377c07aa683a47397f9f5ff355
-
SHA1
13160e27dcea48dc9c5393948b7918cb2fcdd759
-
SHA256
f7891ca59e0907217db3eeafbe751e2d184317a871450b5ec401217a12df9d33
-
SHA512
dcdba7203efeea40366375fb54123b11bba972552795c64cbe912bef137698d308ea8e370732e5a65cba5687fbe6095bd53e5e1e49e3a6d8cf6912ebb61da254
-
SSDEEP
3072:zqFFrqwIOG/Zyzca1p8oT4ipvJYThdNS8TZ0fHIAcZqf7D34deqiOLCbBO9:OBIOG6h4Pdg8TZixcZqf7DInL
Behavioral task
behavioral1
Sample
f7891ca59e0907217db3eeafbe751e2d184317a871450b5ec401217a12df9d33.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
f7891ca59e0907217db3eeafbe751e2d184317a871450b5ec401217a12df9d33.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
redline
1307newbild
185.215.113.67:40960
Targets
-
-
Target
f7891ca59e0907217db3eeafbe751e2d184317a871450b5ec401217a12df9d33.exe
-
Size
297KB
-
MD5
a20fc3377c07aa683a47397f9f5ff355
-
SHA1
13160e27dcea48dc9c5393948b7918cb2fcdd759
-
SHA256
f7891ca59e0907217db3eeafbe751e2d184317a871450b5ec401217a12df9d33
-
SHA512
dcdba7203efeea40366375fb54123b11bba972552795c64cbe912bef137698d308ea8e370732e5a65cba5687fbe6095bd53e5e1e49e3a6d8cf6912ebb61da254
-
SSDEEP
3072:zqFFrqwIOG/Zyzca1p8oT4ipvJYThdNS8TZ0fHIAcZqf7D34deqiOLCbBO9:OBIOG6h4Pdg8TZixcZqf7DInL
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-