Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8c67f7a31914a4a43fe3ddfa65b330362c428027f2d43212600b69cd0f5b59ee
-
Size
338KB
-
Sample
240715-dnh15axgrc
-
MD5
f3c5193858d37c821760faac17e5f75e
-
SHA1
91d73859b2fedbda6ae0f5a4b4f3de0f54d6671a
-
SHA256
8c67f7a31914a4a43fe3ddfa65b330362c428027f2d43212600b69cd0f5b59ee
-
SHA512
42ef18abd180b9c62fc7690fb97b5e33725d01f8330fe209825b78ea5d58ae9aea80d171c6b9fc8134fb103b4fa109fc5f3e4ec24e56a35ec815c81dbb67c564
-
SSDEEP
6144:ZwTSy/BpP+AegMMtRvu3LqBOkQWrfQlMTCfxZs1KjqQiF0Kdp22di8MEO:Z8pP6gMEhzYz8wjABphi8MEO
Static task
static1
Behavioral task
behavioral1
Sample
8c67f7a31914a4a43fe3ddfa65b330362c428027f2d43212600b69cd0f5b59ee.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral2
Sample
8c67f7a31914a4a43fe3ddfa65b330362c428027f2d43212600b69cd0f5b59ee.exe
Resource
win11-20240709-en
Malware Config
Extracted
redline
6951125327
https://t.me/+7Lir0e4Gw381MDhi*https://steamcommunity.com/profiles/76561199038841443
Targets
-
-
Target
8c67f7a31914a4a43fe3ddfa65b330362c428027f2d43212600b69cd0f5b59ee
-
Size
338KB
-
MD5
f3c5193858d37c821760faac17e5f75e
-
SHA1
91d73859b2fedbda6ae0f5a4b4f3de0f54d6671a
-
SHA256
8c67f7a31914a4a43fe3ddfa65b330362c428027f2d43212600b69cd0f5b59ee
-
SHA512
42ef18abd180b9c62fc7690fb97b5e33725d01f8330fe209825b78ea5d58ae9aea80d171c6b9fc8134fb103b4fa109fc5f3e4ec24e56a35ec815c81dbb67c564
-
SSDEEP
6144:ZwTSy/BpP+AegMMtRvu3LqBOkQWrfQlMTCfxZs1KjqQiF0Kdp22di8MEO:Z8pP6gMEhzYz8wjABphi8MEO
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-