General
- Target: 9152f7f728a81d719eeb8791a097b3a91cdfaaf57bce8d5c8506192eeb55a3c0
- Size: 338KB
- Sample: 240715-bfnwastcnf
- MD5: 6d4ce017ef63e4b925ba95ae05e473c7
- SHA1: 98dbc3f01381fcc0ba1a1b52cd88c8fba61e02ce
- SHA256: 9152f7f728a81d719eeb8791a097b3a91cdfaaf57bce8d5c8506192eeb55a3c0
- SHA512: 9bccf5a4db39e21bdb04abb632fa5ee87cd8384c6ada32a6c05b6ca8f543cbcbba03c9db9a280dc27d3a5530eb122eb0d65983ce3fa1f1c18af3c2265d6371f9
- SSDEEP: 6144:pwDS//xpP+AegMMtRvu3LqBO/QWraUfnQN2kVvmQ7251XL32di8vEO:pjpP6gMESOUvgc62Pbyi8vEO
- Static task: static1
- Behavioral task: behavioral1, sample 9152f7f728a81d719eeb8791a097b3a91cdfaaf57bce8d5c8506192eeb55a3c0.exe, resource win10v2004-20240709-en
- Behavioral task: behavioral2, sample 9152f7f728a81d719eeb8791a097b3a91cdfaaf57bce8d5c8506192eeb55a3c0.exe, resource win11-20240709-en
Malware Config
- Extracted: redline
- Botnet: 6951125327
- C2: https://t.me/+7Lir0e4Gw381MDhi*https://steamcommunity.com/profiles/76561199038841443
The C2 field holds two URLs joined by an asterisk ('*'): a Telegram invite link and a Steam profile. RedLine builds of this period use public pages like these as dead-drop resolvers, reading the real C2 address out of the page content at runtime, so both URLs are worth blocking and hunting on, but neither is the C2 endpoint itself, which this report does not show.
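Turning the extracted config above into something a SOC can act on, as an added example (not tria.ge's or RedLine's code): the parser below reads the three lines tria.ge prints under "Extracted" (family, botnet, C2), splits the '*'-joined C2 field, classifies each entry as a dead-drop resolver or a direct C2, and hunts for the exact URLs in proxy log lines. The config text is copied from this report; the proxy log lines are constructed for the demo; DEAD_DROP_HOSTS is an assumption about which hosts RedLine uses as resolvers, and the host:port handling generalizes to the classic RedLine config form that this sample does not use.

```python
"""Parse a tria.ge-style RedLine "Extracted" config into IOCs and hunt proxy logs.

Added example; not tria.ge's or RedLine's code. REPORT_CONFIG is copied from the
report, SAMPLE_LOG is constructed, DEAD_DROP_HOSTS is an assumption.
"""
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

# Hosts RedLine builds have used as dead-drop resolvers: the sample fetches a public
# page and parses the real C2 out of it, so such a URL is not the C2 itself.
# Assumption for this example; extend as you meet other resolvers.
DEAD_DROP_HOSTS = {"t.me", "steamcommunity.com"}

# Classic RedLine config form: "ip:port" or "host:port" with no scheme or path.
_HOST_PORT = re.compile(r"^(?P<host>[A-Za-z0-9.\-]+):(?P<port>\d{1,5})$")


@dataclass(frozen=True)
class Endpoint:
    raw: str
    host: str
    kind: str  # "dead-drop-resolver" or "direct-c2"


@dataclass
class RedLineConfig:
    family: str
    botnet: str
    endpoints: list


def classify(entry: str) -> Endpoint:
    """Classify one entry of the C2 field."""
    m = _HOST_PORT.match(entry)
    if m:
        return Endpoint(entry, m.group("host"), "direct-c2")
    host = urlsplit(entry).hostname or ""
    kind = "dead-drop-resolver" if host in DEAD_DROP_HOSTS else "direct-c2"
    return Endpoint(entry, host, kind)


def parse_config(text: str) -> RedLineConfig:
    """Parse the family / botnet / C2 lines; the C2 field may hold several
    entries joined with '*'."""
    lines = [l.strip() for l in text.strip().splitlines() if l.strip()]
    if len(lines) != 3:
        raise ValueError(f"expected family, botnet and c2 lines, got {len(lines)}")
    family, botnet, c2 = lines
    entries = [e for e in c2.split("*") if e]
    return RedLineConfig(family, botnet, [classify(e) for e in entries])


def hunt(config: RedLineConfig, log_lines) -> list:
    """Return (line_no, matched_entry) for log lines containing a config URL.
    Matching the full URL keeps hits specific to this botnet instead of
    flagging every Telegram or Steam visit."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        for ep in config.endpoints:
            if ep.raw in line:
                hits.append((n, ep.raw))
    return hits


# Config text exactly as it appears in the report.
REPORT_CONFIG = """
redline
6951125327
https://t.me/+7Lir0e4Gw381MDhi*https://steamcommunity.com/profiles/76561199038841443
"""

# Constructed proxy log lines (not from the report): one benign Steam visit,
# one hit on the Steam dead-drop profile, one hit on the Telegram invite.
SAMPLE_LOG = [
    "1720999000.123 ws01 GET https://steamcommunity.com/app/730 200",
    "1720999001.456 ws01 GET https://steamcommunity.com/profiles/76561199038841443 200",
    "1720999002.789 ws07 GET https://t.me/+7Lir0e4Gw381MDhi 200",
    "1720999003.000 ws07 GET https://example.org/ 200",
]

if __name__ == "__main__":
    cfg = parse_config(REPORT_CONFIG)
    for ep in cfg.endpoints:
        print(f"{ep.kind:20} {ep.host:24} {ep.raw}")
    for n, url in hunt(cfg, SAMPLE_LOG):
        print(f"line {n}: {url}")
```

Both entries classify as dead-drop resolvers, which is the reason to hunt on the full URL and not the host: blocking t.me or steamcommunity.com outright would be noisy, while the specific invite link and profile ID are unique to this campaign.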
Targets
- Target: 9152f7f728a81d719eeb8791a097b3a91cdfaaf57bce8d5c8506192eeb55a3c0 (338KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node twin and the HKCU copy) to enumerate software on the system.
- Suspicious use of SetThreadContext: calling SetThreadContext on a suspended thread of another process is the step that redirects execution into injected code in process-hollowing style injection; the report page does not identify the target process.
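To see what the "checks installed software" behaviour actually gives the stealer, the parser below (an added example, not tria.ge's or RedLine's code) reads a `reg export` of the Uninstall keys and lists the software entries the way Programs and Features would, which is also the list an analyst compares against the sandbox image to check what the sample could have fingerprinted. The .reg text is constructed for the demo; a real export comes from `reg export "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall" uninstall.reg` and is UTF-16, so open it with encoding="utf-16".

```python
"""List installed software from a `reg export` of the Uninstall keys.

Added example; not tria.ge's or RedLine's code. SAMPLE_EXPORT is constructed
(product GUID and version strings are made up for the demo).
"""
import re

UNINSTALL_KEYS = (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall",
    r"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall",
)

_KEY_LINE = re.compile(r"^\[(?P<path>[^\]]+)\]$")
_STR_VALUE = re.compile(r'^"(?P<name>[^"]+)"="(?P<val>.*)"$')
_DWORD_VALUE = re.compile(r'^"(?P<name>[^"]+)"=dword:(?P<val>[0-9a-fA-F]{8})$')


def _unescape(s: str) -> str:
    """Undo .reg string escaping (doubled backslashes, escaped quotes)."""
    return s.replace("\\\\", "\\").replace('\\"', '"')


def parse_reg_export(text: str) -> list:
    """Return one dict per Uninstall subkey that has a DisplayName and is not
    marked SystemComponent, which is what the control panel shows and what a
    stealer's 'installed software' list is built from."""
    apps, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = _KEY_LINE.match(line)
        if m:
            parent, _, subkey = m.group("path").rpartition("\\")
            if parent in UNINSTALL_KEYS:
                current = {"subkey": subkey, "hive_path": parent}
                apps.append(current)
            else:
                current = None  # the Uninstall root itself or an unrelated key
            continue
        if current is None:
            continue
        m = _STR_VALUE.match(line)
        if m:
            current[m.group("name")] = _unescape(m.group("val"))
            continue
        m = _DWORD_VALUE.match(line)
        if m:
            current[m.group("name")] = int(m.group("val"), 16)
    return [a for a in apps if a.get("DisplayName") and a.get("SystemComponent", 0) != 1]


def find(apps: list, needle: str) -> list:
    """Case-insensitive DisplayName search, e.g. for analysis tooling."""
    return [a["DisplayName"] for a in apps if needle.lower() in a["DisplayName"].lower()]


# Constructed export text, not taken from the sandbox image.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip]
"DisplayName"="7-Zip 23.01 (x64)"
"DisplayVersion"="23.01"
"Publisher"="Igor Pavlov"
"InstallLocation"="C:\\Program Files\\7-Zip\\"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11111111-2222-3333-4444-555555555555}]
"DisplayName"="Example Runtime 8 Update 1"
"DisplayVersion"="8.0.1.0"
"Publisher"="Example Corp"

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HiddenComponent]
"DisplayName"="Hidden Component"
"SystemComponent"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wireshark]
"DisplayName"="Wireshark 4.2.0 x64"
"Publisher"="The Wireshark developer community"
"""

if __name__ == "__main__":
    for app in parse_reg_export(SAMPLE_EXPORT):
        print(f'{app["DisplayName"]:32} {app.get("DisplayVersion", "-"):12} {app.get("Publisher", "-")}')
    print("analysis tooling visible:", find(parse_reg_export(SAMPLE_EXPORT), "wireshark"))
```

Entries flagged SystemComponent=1 are dropped because the control panel hides them; if you want the raw view the sample gets from walking the key, keep them and compare the two lists.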