General
- Target: Tool.zip
- Size: 37.0MB
- Sample: 240715-epf4laxcmr
- MD5: 27ae86a9f43183e11a50817f33bdcef5
- SHA1: aeff55bf8208b5e028540e204f71c26a547940e6
- SHA256: 745a35df6cc0345cbe54c6383f742fb1a3aa9d8e43aa8dbb4aba2412c5dab6dd
- SHA512: 56f6dc276cde284757558d0a4110bf6c304bad7f23341788ed7d1da3eca26412d0e8f9676dbc9a92e9c105b6467fc4b4261771ca14b1da1a23da8331b4ec07a0
- SSDEEP: 786432:RgBBnzU0ojNoikkK9zwwe46+kStqk1kHXXit+EYHBGsDBZM5wR7UMPl36FQnt:aBBnzXojNo19zXZrqk1k3XZXHBGsDBZ5
Static task: static1
Behavioral task: behavioral1
- Sample: Tool/Tool.exe
- Resource: win10v2004-20240709-en
Malware Config
Extracted
- Family: redline
- Botnet: tgsetupfudvero
- C2: 51.195.206.227:38719
Targets
- Target: Tool/Tool.exe
- Size: 4.4MB
- MD5: d48f62048d05fe25ae38bea06ec96e95
- SHA1: d21c8d35ee8abba7d456542ebb1ea8d1f2ad6bfa
- SHA256: 3110a13a098e03ca4ebadf301969f5957d760fd85df25b71401bedcfcd91bf67
- SHA512: c715b36e7163b7c06bb64d7d57743885691cb7db6b945be5a2acb40c937a7fe28873450bac8b79a6882cba53afa679cc2298dc8f90e6c1c7d1ceed692ea91b4e
- SSDEEP: 49152:K9lUVYIliyVMXHjQh/PERTLBsX1hfQikQ04La0c8DHOXToGo4b/iJVUm4FnMor2R:9dWTQh/PhJRJeoRO/ismwrc
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Signatures
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext