Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
Installer.exe
-
Size
1.4MB
-
Sample
240819-zemhvavbma
-
MD5
7eaaaa8fcc415db545f4cde72ad083c0
-
SHA1
9d294d1f61147dfe82cb30d8b6aa4c978ed3a609
-
SHA256
a105ae6db94ceb063d8e0019207bd08642d3d434a8217e3fe833b020bd6e6170
-
SHA512
cfff393947a65ba9f043bfbbddbeb4d2c4e8289a561f65f25c0294f7aa36367782b163ad9b19fe407beb2bfd9aec019b5cdb9293228552fc7a2a857316b774d5
-
SSDEEP
24576:byeIaZhac1XXDN0rKOWN8O3b0/3GhiIAzPU:b6StnDN0rKOWN8O3b0/3GhiIAzP
Static task
static1
Behavioral task
behavioral1
Sample
Installer.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
Installer.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
redline
185.196.9.26:6302
Targets
-
-
Target
Installer.exe
-
Size
1.4MB
-
MD5
7eaaaa8fcc415db545f4cde72ad083c0
-
SHA1
9d294d1f61147dfe82cb30d8b6aa4c978ed3a609
-
SHA256
a105ae6db94ceb063d8e0019207bd08642d3d434a8217e3fe833b020bd6e6170
-
SHA512
cfff393947a65ba9f043bfbbddbeb4d2c4e8289a561f65f25c0294f7aa36367782b163ad9b19fe407beb2bfd9aec019b5cdb9293228552fc7a2a857316b774d5
-
SSDEEP
24576:byeIaZhac1XXDN0rKOWN8O3b0/3GhiIAzPU:b6StnDN0rKOWN8O3b0/3GhiIAzP
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Credentials from Password Stores: Credentials from Web Browsers
Malicious Access or copy of Web Browser Credential store.
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-