General
Target: 92682078977a588ba4cc3dfe7ce9d744bf752a635ab73c027cdbae68ff8e749f_dump.exe
Size: 109KB
Sample: 240715-a87y7szhkj
MD5: 2da5e6b97759d3537cbd23e9fdb2b770
SHA1: cabbf38051fa6657e28a12dee92042e44d8b72cb
SHA256: 4103411f7bb66a033f9f5ce35839ba08b2a27d169e188a911185790f3b78bbf5
SHA512: 7ea710ed16326bd0841f403c9db260a20dfec5f22fe2fd85970d51764e612c4a495a7c9abec6999dc8e1a7134656a4d65994c8f4cc138bb353b43a7be9b1698b
SSDEEP: 1536:jr7WmLwJll8imS4qZyNRMCuCDGSLf0Rc/cVjpnrRWKkystINby+xXm8lMwGHG6w:jmdyGSLfIFtnrRKysYyMWvpm6w
Behavioral tasks
behavioral1: Sample 92682078977a588ba4cc3dfe7ce9d744bf752a635ab73c027cdbae68ff8e749f_dump.exe, Resource win7-20240704-en
behavioral2: Sample 92682078977a588ba4cc3dfe7ce9d744bf752a635ab73c027cdbae68ff8e749f_dump.exe, Resource win10v2004-20240709-en
Malware Config
Extracted: redline
6951125327
https://t.me/+7Lir0e4Gw381MDhi*https://steamcommunity.com/profiles/76561199038841443
Targets
Target: 92682078977a588ba4cc3dfe7ce9d744bf752a635ab73c027cdbae68ff8e749f_dump.exe (hashes as listed under General above)
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.