Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
67520bf7ae01d65369c48247a46c9d6741bda91526868dd50127bf85e45e3292
-
Size
338KB
-
Sample
240715-hem1yawbmb
-
MD5
9b8b042e64dd47ab8a8232f6cffcd3c2
-
SHA1
c695243ed6934a606304bb0146b40f41461647e3
-
SHA256
67520bf7ae01d65369c48247a46c9d6741bda91526868dd50127bf85e45e3292
-
SHA512
bbf6fb7ab3d9ef8db7b136aa0334c9921ed65ff38207e4ee627a651012acb13bf72d2f22cdf03bd225534a1e5fc485ff7c7b52224ca56aadf571cfc5b767cff6
-
SSDEEP
6144:bwDSN/xpP+AegMMtRvu3LqBO/QWr+KGnhDiND0FmPX45f9ncUcNXAo8u2di8vEO:bFpP6gMESCdhOuFmP4VVcUcNXAo8Ji8F
Static task
static1
Behavioral task
behavioral1
Sample
67520bf7ae01d65369c48247a46c9d6741bda91526868dd50127bf85e45e3292.exe
Resource
win10v2004-20240709-en
Behavioral task
behavioral2
Sample
67520bf7ae01d65369c48247a46c9d6741bda91526868dd50127bf85e45e3292.exe
Resource
win11-20240709-en
Malware Config
Extracted
redline
6951125327
https://t.me/+7Lir0e4Gw381MDhi*https://steamcommunity.com/profiles/76561199038841443
Targets
-
-
Target
67520bf7ae01d65369c48247a46c9d6741bda91526868dd50127bf85e45e3292
-
Size
338KB
-
MD5
9b8b042e64dd47ab8a8232f6cffcd3c2
-
SHA1
c695243ed6934a606304bb0146b40f41461647e3
-
SHA256
67520bf7ae01d65369c48247a46c9d6741bda91526868dd50127bf85e45e3292
-
SHA512
bbf6fb7ab3d9ef8db7b136aa0334c9921ed65ff38207e4ee627a651012acb13bf72d2f22cdf03bd225534a1e5fc485ff7c7b52224ca56aadf571cfc5b767cff6
-
SSDEEP
6144:bwDSN/xpP+AegMMtRvu3LqBO/QWr+KGnhDiND0FmPX45f9ncUcNXAo8u2di8vEO:bFpP6gMESCdhOuFmP4VVcUcNXAo8Ji8F
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Suspicious use of SetThreadContext
-