General
- Target: 3e54394d42cb8004e78994323058b17990e7bd4c8c4f94621ff9a8d93ab6bf64
- Size: 338KB
- Sample: 240715-erg4nszfkb
- MD5: d7a3938f82334528c1d6bce9542fda75
- SHA1: 09d970e274be0866a6903cb187c81d28628d4f27
- SHA256: 3e54394d42cb8004e78994323058b17990e7bd4c8c4f94621ff9a8d93ab6bf64
- SHA512: 77c86ed4ee0a15a3d04e68404eb7f9637c2334248da8c726d72e3e253383cbc94d568d9e477d9b526061d8425a0989580f5c8f7c20096aabe73ad9061b116e95
- SSDEEP: 6144:RwTSv/BpP+AegMMtRvu3LqBOkQWrR/Q5VGgvopL72di8MEO:RTpP6gMEh4GF0i8MEO
Static task
- static1
Behavioral task
- behavioral1
  - Sample: 3e54394d42cb8004e78994323058b17990e7bd4c8c4f94621ff9a8d93ab6bf64.exe
  - Resource: win10v2004-20240709-en
Behavioral task
- behavioral2
  - Sample: 3e54394d42cb8004e78994323058b17990e7bd4c8c4f94621ff9a8d93ab6bf64.exe
  - Resource: win11-20240709-en
Malware Config
Extracted
- redline
- 6951125327
- https://t.me/+7Lir0e4Gw381MDhi*https://steamcommunity.com/profiles/76561199038841443
Targets
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext