General
- Target: f03a33ebb76633ed02bd77525a9448b7cabceb79303664a4d7eb06309d8d5542
- Size: 338KB
- Sample: 240715-btn38a1hjr
- MD5: e2590fa9d62c9f74fa866f0af17dfe36
- SHA1: e0ba5eb2f80d1a2d9a338ab6092fc0b5d8747d88
- SHA256: f03a33ebb76633ed02bd77525a9448b7cabceb79303664a4d7eb06309d8d5542
- SHA512: 8cf071606ddb316d0e4df637f08b57d5e57e723dee7a3e33b0d50d0e4d44cb015d209ebad0733d35756130490374ef946dfb7e21dd00f1f9937b2e7bfb1563f3
- SSDEEP: 6144:6wrSc/JpP+AegMMtRvu3LqBOkQWrH0wBKgu4gM4zxnoHfn2di8UEO:62pP6gMEBwwb0N8fCi8UEO
Tasks
- Static task: static1
- Behavioral task: behavioral1
  Sample: f03a33ebb76633ed02bd77525a9448b7cabceb79303664a4d7eb06309d8d5542.exe
  Resource: win10v2004-20240709-en
- Behavioral task: behavioral2
  Sample: f03a33ebb76633ed02bd77525a9448b7cabceb79303664a4d7eb06309d8d5542.exe
  Resource: win11-20240709-en
Malware Config
Extracted
- Family: redline
- 6951125327
- https://t.me/+7Lir0e4Gw381MDhi*https://steamcommunity.com/profiles/76561199038841443
Targets
- Target: f03a33ebb76633ed02bd77525a9448b7cabceb79303664a4d7eb06309d8d5542 (338KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)

Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext