Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d5ad720fa67bbce2d11544ad3c211424.exe
-
Size
338KB
-
Sample
240715-h1hcksxcnh
-
MD5
d5ad720fa67bbce2d11544ad3c211424
-
SHA1
e9f63402b2eaabbdcc6cb5ec95e328f9620cd170
-
SHA256
2ef0f582367a7674aef245acb06977bf646419f1f8d05c7fb07881a6102f982e
-
SHA512
d8a8ae60abec80b7cfd7c9b9bc19d2f2594d1ecee0a28cf9a2f545afc7ef0ee59ca7a073edb8415f006662ed2095f9f3c190abed5023b81e094724c04ba153c6
-
SSDEEP
6144:RY1jkmalKcYdvkMEdRE29UHYOhQWr3y/7qpKfQmhapjXFISRn2di8bEO:RcEKc+kMcI+IKImcFISAi8bEO
Static task
static1
Behavioral task
behavioral1
Sample
d5ad720fa67bbce2d11544ad3c211424.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
d5ad720fa67bbce2d11544ad3c211424.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
redline
6951125327
https://t.me/+7Lir0e4Gw381MDhi*https://steamcommunity.com/profiles/76561199038841443
Targets
-
-
Target
d5ad720fa67bbce2d11544ad3c211424.exe
-
Size
338KB
-
MD5
d5ad720fa67bbce2d11544ad3c211424
-
SHA1
e9f63402b2eaabbdcc6cb5ec95e328f9620cd170
-
SHA256
2ef0f582367a7674aef245acb06977bf646419f1f8d05c7fb07881a6102f982e
-
SHA512
d8a8ae60abec80b7cfd7c9b9bc19d2f2594d1ecee0a28cf9a2f545afc7ef0ee59ca7a073edb8415f006662ed2095f9f3c190abed5023b81e094724c04ba153c6
-
SSDEEP
6144:RY1jkmalKcYdvkMEdRE29UHYOhQWr3y/7qpKfQmhapjXFISRn2di8bEO:RcEKc+kMcI+IKImcFISAi8bEO
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-