General

Target: 940d522ebe4f0ea7b476a6fd96c19c4ef8737681252c3bb125b2fa70e61777e3
Size: 338KB
Sample: 240715-d2ln6sydrc
MD5: f42ce22348a4025f60aaf8862de664bc
SHA1: 603955fbac1d88200fa3309565f15d7197a199a1
SHA256: 940d522ebe4f0ea7b476a6fd96c19c4ef8737681252c3bb125b2fa70e61777e3
SHA512: 43ed750cf04bb5061e70624ca547fdead79378d62f8d94889d8c3e0c02d6a2ee9f8ded086e6ede37cfa71b8c027fc4d10b561043b4c9a965f200ecd2bacdd5b3
SSDEEP: 6144:NwrSC/JpP+AegMMtRvu3LqBOkQWrXwXwvQ0VXqcE97w+NCdSO2di8UEO:N4pP6gMEBsgvQ0Vow+NCdii8UEO
Static task: static1

Behavioral task: behavioral1
Sample: 940d522ebe4f0ea7b476a6fd96c19c4ef8737681252c3bb125b2fa70e61777e3.exe
Resource: win10v2004-20240709-en

Behavioral task: behavioral2
Sample: 940d522ebe4f0ea7b476a6fd96c19c4ef8737681252c3bb125b2fa70e61777e3.exe
Resource: win11-20240709-en
Malware Config

Extracted family: redline
6951125327
https://t.me/+7Lir0e4Gw381MDhi*https://steamcommunity.com/profiles/76561199038841443

The second extracted value is two URLs joined by "*": a Telegram invite link and a Steam profile page. Both are public third-party services rather than attacker-owned infrastructure, so the actual C2 address cannot be read off this field alone; the public pages are only a starting point for pivoting.
Targets

Target: 940d522ebe4f0ea7b476a6fd96c19c4ef8737681252c3bb125b2fa70e61777e3 (hashes as listed under General above)
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext
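To see exactly what the "Checks installed software" signature covers, the following added example (written for this page, not code from tria.ge or from the RedLine sample) performs the same registry read from an administrator's PowerShell console: it walks the standard Uninstall key locations in HKLM (native and WOW6432Node) and HKCU and returns the name, version and publisher of each entry. The three key paths are the documented Windows locations; the choice of output columns is an assumption about what an inventory-collecting stealer would keep.

```powershell
# Added example: enumerate installed software the way the "Checks installed software"
# signature describes, by reading the Uninstall keys. Not RedLine's code.
# The three paths are the standard Windows Uninstall key locations.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
)

function Get-UninstallEntries {
    param([string[]]$Keys)

    foreach ($key in $Keys) {
        # A hive path may be absent (e.g. WOW6432Node on 32-bit Windows); skip it quietly.
        if (-not (Test-Path -Path $key)) { continue }

        Get-ChildItem -Path $key -ErrorAction SilentlyContinue | ForEach-Object {
            $p = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
            # Entries without a DisplayName are hidden components/updates; an inventory
            # (benign or malicious) normally ignores them. Columns chosen are an assumption.
            if ($p -and $p.DisplayName) {
                [PSCustomObject]@{
                    DisplayName    = $p.DisplayName
                    DisplayVersion = $p.DisplayVersion
                    Publisher      = $p.Publisher
                    Hive           = $key.Split(':')[0]
                    KeyName        = $_.PSChildName
                }
            }
        }
    }
}

Get-UninstallEntries -Keys $uninstallKeys |
    Sort-Object -Property DisplayName -Unique |
    Format-Table -Property DisplayName, DisplayVersion, Publisher, Hive -AutoSize
```

Running this shows that the read is an ordinary query: installers, inventory agents and administrators perform the same enumeration, so this signature alone is low fidelity and registry reads are not logged by default. It matters in this report because it co-occurs with wallet file access and SetThreadContext use, which is the combination worth alerting on rather than the Uninstall lookup by itself.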