General
- Target: 3de1df3bb5e39deb551870ed8d095badd4be64d6255d410db259ee7c874ff2eb
- Size: 338KB
- Sample: 240715-a3nndazepr
- MD5: 7533bf456c88e3e5afaf4bf605a17464
- SHA1: 3300ac9a6adfe566b2e67ce1e233ccaec5e869c9
- SHA256: 3de1df3bb5e39deb551870ed8d095badd4be64d6255d410db259ee7c874ff2eb
- SHA512: 74fb0f0da71a452a97aabdae43eb0ed822562e6ea9a1aa90e4281041fb64d30882980294d489f100263bcfc9cb91b4498662f2b965b4ce8403e5f961e5bc46e4
- SSDEEP: 6144:/Y1jumalKcYdvkMEdRE29UHYOhQWrsJwhOuo8X2Ll02di8bEO:/aEKc+kMcILo8Xkzi8bEO
Static task
- static1
Behavioral task
- behavioral1: Sample 3de1df3bb5e39deb551870ed8d095badd4be64d6255d410db259ee7c874ff2eb.exe, Resource win10v2004-20240709-en
- behavioral2: Sample 3de1df3bb5e39deb551870ed8d095badd4be64d6255d410db259ee7c874ff2eb.exe, Resource win11-20240709-en
Malware Config
Extracted
- Family: redline
- Botnet: 6951125327
- C2: https://t.me/+7Lir0e4Gw381MDhi*https://steamcommunity.com/profiles/76561199038841443
The `*`-separated URLs in the C2 field are dead-drop resolvers, not the C2 endpoint itself: at runtime the sample fetches one of these public pages (a Telegram invite link and a Steam profile) and reads the real C2 address out of it, so the resolver URLs are the network indicators to pivot on, and the C2 host they point to can change without the sample changing.
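The extracted config above, turned into hunting indicators (an added example, not Triage's or the malware's code). It splits the `*`-delimited resolver list, flags any URL that is not on the two resolver hosts this family is known to use, and pulls `host:port` candidates out of a fetched resolver page while rejecting impossible octets and ports. The resolver page body is constructed for the example; real Steam and Telegram markup differs and the marker characters around the C2 vary between builds, so the extraction regex is a starting point rather than a signature.

```python
"""Turn a RedLine 'C2' config field into actionable indicators.

Added example, not Triage's or RedLine's code. Assumes the C2 field is a
'*'-separated list of dead-drop-resolver URLs (as on the report above) and
that the resolver page embeds the real C2 as host:port (constructed body).
"""
import re
from dataclasses import dataclass, field
from urllib.parse import urlparse

# Values copied from the extracted config above.
BOTNET_ID = "6951125327"
C2_FIELD = ("https://t.me/+7Lir0e4Gw381MDhi"
            "*https://steamcommunity.com/profiles/76561199038841443")

# Hosts this family is known to use as dead-drop resolvers.
KNOWN_DDR_HOSTS = {"t.me", "steamcommunity.com"}

# host:port where host is dotted-quad or a DNS name with at least one dot.
C2_RE = re.compile(
    r"(?P<host>(?:\d{1,3}\.){3}\d{1,3}|[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)"
    r":(?P<port>[1-9]\d{0,4})\b")
IPV4_RE = re.compile(r"(?:\d{1,3}\.){3}\d{1,3}")

# Constructed stand-in for a fetched Steam profile page; not real content.
SAMPLE_RESOLVER_BODY = """
<span class="actual_persona_name">|||192.0.2.10:4560|||</span>
<div class="profile_summary">decoys: 999.1.1.1:80 and srv.example:70000</div>
"""


@dataclass
class RedLineIndicators:
    botnet: str
    resolvers: list[str] = field(default_factory=list)          # known DDR hosts
    unknown_resolvers: list[str] = field(default_factory=list)  # anything else
    c2: list[tuple[str, int]] = field(default_factory=list)


def parse_c2_field(botnet: str, c2_field: str) -> RedLineIndicators:
    """Split the '*'-delimited resolver list and classify each URL by host."""
    ind = RedLineIndicators(botnet=botnet)
    for raw in c2_field.split("*"):
        url = raw.strip()
        if not url:
            continue
        host = (urlparse(url).hostname or "").lower()
        if host in KNOWN_DDR_HOSTS:
            ind.resolvers.append(url)
        else:
            # A direct C2 or an unfamiliar resolver: still an IOC, but
            # surfaced separately so an analyst looks at it.
            ind.unknown_resolvers.append(url)
    return ind


def extract_c2(page_body: str) -> list[tuple[str, int]]:
    """Pull plausible host:port pairs out of a fetched resolver page body.

    Drops dotted-quads with an octet above 255 and ports above 65535; keeps
    first-seen order and de-duplicates.
    """
    found: list[tuple[str, int]] = []
    for m in C2_RE.finditer(page_body):
        host, port = m.group("host"), int(m.group("port"))
        if port > 65535:
            continue
        if IPV4_RE.fullmatch(host) and any(int(o) > 255 for o in host.split(".")):
            continue
        if (host, port) not in found:
            found.append((host, port))
    return found


if __name__ == "__main__":
    indicators = parse_c2_field(BOTNET_ID, C2_FIELD)
    indicators.c2 = extract_c2(SAMPLE_RESOLVER_BODY)
    print(indicators)
```

In a hunt, the `resolvers` list becomes proxy/DNS lookups for `t.me` and `steamcommunity.com` from hosts that have no business reaching them, and the `c2` list becomes the firewall block; anything landing in `unknown_resolvers` deserves a manual look because it departs from the family's usual pattern.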
Targets
- Target: 3de1df3bb5e39deb551870ed8d095badd4be64d6255d410db259ee7c874ff2eb (338KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the values listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its HKCU and Wow6432Node counterparts) to enumerate the software installed on the system.
- Suspicious use of SetThreadContext: SetThreadContext rewrites a thread's saved register state, including the instruction pointer; process hollowing and thread hijacking use it to point a suspended thread at injected code, which is why the sandbox flags the call.
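A detection for the "Checks installed software" behaviour above (an added example, not a Triage signature or a vendor rule). Sysmon's registry events (12, 13 and 14) cover key creation and deletion, value writes and renames, not reads, so a process enumerating the Uninstall key leaves no Sysmon trace; the logic below expects key open/enumerate/query telemetry from an EDR or from the Microsoft-Windows-Kernel-Registry ETW provider. The pipe-delimited record layout, the operation names, the allowlist and the thresholds are assumptions made for the example, and the log lines are constructed.

```python
"""Flag processes that walk the Uninstall registry key in bulk.

Added detection example, not Triage's code or a vendor rule. Sysmon does not
log registry reads, so this needs key-enumeration telemetry from an EDR or
the Microsoft-Windows-Kernel-Registry ETW provider. Record layout, operation
names, allowlist and thresholds are assumed; the log lines are constructed.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Matches native and WOW64 Uninstall keys under any hive, case-insensitively,
# and captures the product subkey so distinct entries can be counted.
UNINSTALL_RE = re.compile(
    r"\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion"
    r"\\Uninstall\\([^\\]+)", re.IGNORECASE)

# Read-type operations in the assumed telemetry schema.
READ_OPS = {"OpenKey", "EnumerateKey", "QueryValue"}

# Processes expected to walk this key (assumed allowlist; tune per estate).
ALLOWLIST = {r"c:\windows\system32\msiexec.exe",
             r"c:\windows\ccm\ccmexec.exe"}

DISTINCT_SUBKEYS = 5           # alert when this many products are touched...
WINDOW = timedelta(seconds=10)  # ...within this long by one process


def parse_line(line: str) -> dict:
    """'ts|pid|image|op|key' -> dict (constructed pipe-delimited format)."""
    ts, pid, image, op, key = line.split("|", 4)
    return {"ts": datetime.fromisoformat(ts), "pid": int(pid),
            "image": image, "op": op, "key": key}


def detect_uninstall_enumeration(lines):
    """Return (pid, image, n_subkeys) for non-allowlisted processes that read
    >= DISTINCT_SUBKEYS different Uninstall entries inside one WINDOW."""
    per_proc = defaultdict(list)  # (pid, image) -> [(ts, subkey)]
    for line in lines:
        ev = parse_line(line)
        m = UNINSTALL_RE.search(ev["key"])
        if not m or ev["op"] not in READ_OPS:
            continue
        if ev["image"].lower() in ALLOWLIST:
            continue
        per_proc[(ev["pid"], ev["image"])].append((ev["ts"], m.group(1).lower()))

    alerts = []
    for (pid, image), events in per_proc.items():
        events.sort()
        best, start = 0, 0
        # Sliding time window over the process's time-ordered events.
        for end in range(len(events)):
            while events[end][0] - events[start][0] > WINDOW:
                start += 1
            best = max(best, len({sk for _, sk in events[start:end + 1]}))
        if best >= DISTINCT_SUBKEYS:
            alerts.append((pid, image, best))
    return alerts


# Constructed telemetry. SUSPECT is a made-up path standing in for the sample.
SUSPECT = r"c:\users\a\appdata\local\temp\sample.exe"
MSI = r"c:\windows\system32\msiexec.exe"
AGENT = r"c:\program files\inventory\agent.exe"
UK = r"Software\Microsoft\Windows\CurrentVersion\Uninstall"
UK64 = r"Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall"
SAMPLE_TELEMETRY = [
    # Burst from the suspect: six products in two seconds, across hives.
    f"2024-07-15T10:00:00|4120|{SUSPECT}|EnumerateKey|HKLM\\{UK}\\7-Zip",
    f"2024-07-15T10:00:00|4120|{SUSPECT}|QueryValue|HKLM\\{UK}\\7-Zip\\DisplayName",
    f"2024-07-15T10:00:01|4120|{SUSPECT}|EnumerateKey|HKLM\\{UK}\\Google Chrome",
    f"2024-07-15T10:00:01|4120|{SUSPECT}|EnumerateKey|HKLM\\{UK64}\\Notepad++",
    f"2024-07-15T10:00:01|4120|{SUSPECT}|EnumerateKey|HKLM\\{UK}\\Steam",
    f"2024-07-15T10:00:02|4120|{SUSPECT}|EnumerateKey|HKU\\S-1-5-21-1-2-3-1001\\{UK}\\Discord",
    f"2024-07-15T10:00:02|4120|{SUSPECT}|EnumerateKey|HKLM\\{UK}\\Microsoft Edge",
    # The same walk by the allowlisted installer: ignored.
    f"2024-07-15T10:00:05|1200|{MSI}|EnumerateKey|HKLM\\{UK}\\7-Zip",
    f"2024-07-15T10:00:05|1200|{MSI}|EnumerateKey|HKLM\\{UK}\\Google Chrome",
    f"2024-07-15T10:00:05|1200|{MSI}|EnumerateKey|HKLM\\{UK}\\Notepad++",
    f"2024-07-15T10:00:05|1200|{MSI}|EnumerateKey|HKLM\\{UK}\\Steam",
    f"2024-07-15T10:00:05|1200|{MSI}|EnumerateKey|HKLM\\{UK}\\Discord",
    # Slow, not-allowlisted reader: two entries a minute apart, below threshold.
    f"2024-07-15T10:01:00|3300|{AGENT}|EnumerateKey|HKLM\\{UK}\\7-Zip",
    f"2024-07-15T10:02:00|3300|{AGENT}|EnumerateKey|HKLM\\{UK}\\Steam",
]

if __name__ == "__main__":
    for pid, image, n in detect_uninstall_enumeration(SAMPLE_TELEMETRY):
        print(f"ALERT pid={pid} image={image} distinct_uninstall_subkeys={n}")
```

The count-of-distinct-subkeys-per-window shape is what separates a stealer's one-shot inventory from an agent that touches the same key slowly over the day; the allowlist is the usual escape hatch for installers and configuration-management clients and should stay short and path-exact.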