General
Target: d6fca3cd57293390ccf9d2bc83662dda.bin
Size: 316KB
Sample: 240825-cbmm4stcnj
MD5: 85ce5e51b82148c4ca84ecd85b64f57b
SHA1: 4b9b6d679220923bd33e3178f2452ffdf1026ca0
SHA256: 576142e40c7044a58f78ec10c3b9f94bab098de72c7dfffeb2be40e533ae9033
SHA512: 8cd6d59ec009a5b462d2c45f0cb1d8ad8031a24817b00ab2c3b0f694ff73b3b6a8051d4720e6c7b7d2ec2f11f8f5b8cc718918357cae6c716982f589bbc1c2fa
SSDEEP: 6144:Q33f8URGysF1iNp3hL7G99KbG3ncjyZd21hKWZBxPo3mCLJBzs9fESCar2j2Wv2:i3kUR5c1iNpxL7G9sbG3n5j2TKWiWCLC
Static task: static1
Behavioral task: behavioral1
Sample: 74e0bf30c9107fa716920c878521037db3ca4eeda5c14d745a2459eb14d1190e.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 74e0bf30c9107fa716920c878521037db3ca4eeda5c14d745a2459eb14d1190e.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
redline
LiveTraffic
95.179.163.21:29257
Targets
Target: 74e0bf30c9107fa716920c878521037db3ca4eeda5c14d745a2459eb14d1190e.exe
Size: 323KB
MD5: d6fca3cd57293390ccf9d2bc83662dda
SHA1: 94496d01aa91e981846299eeac5631ab8b8c4a93
SHA256: 74e0bf30c9107fa716920c878521037db3ca4eeda5c14d745a2459eb14d1190e
SHA512: 3990a61000c7dad33e75ce1ca670f5a7b66c0ce1215997dccfca5d4163fedfc7b736bca01c2f1064b0c780eccb039dd0de6be001c87399c1d69da0f456db2a8e
SSDEEP: 6144:kImw3mswWc3KcEUffTOR/PmB7ZegrbgykDDCT2qDx0j6ibCMvUkBEO:k+wWcXbwmfXK62qSjPbkkBEO
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Suspicious use of SetThreadContext