
General

  • Target

    f90820a92ac08b1efe4ac8510caeee070c6a37efa4052d2f29712a73d8ce13b2

  • Size

    547KB

  • Sample

    241104-q3jbna1djm

  • MD5

    a508c0a5e81993ac44e4f0cceb238a7d

  • SHA1

    084ba2182fcb2f01d4af98d93ee9bb77adbd16e6

  • SHA256

    f90820a92ac08b1efe4ac8510caeee070c6a37efa4052d2f29712a73d8ce13b2

  • SHA512

    55fa6c832e44932be00553eca881b4543ac42e53980b11048eb2223868747e5be153ab6abcaf4a8bd97a2d3d12a0213963e4b5713e14c268aff1edc7a03300e4

  • SSDEEP

    12288:CMrDy90R0jwQo4Je0pC5Bvahpu0MCOnuPf6kh2q0c:By5jG4VCXazu0vOkEc

Malware Config

Extracted

Family

redline

Botnet

rumfa

C2

193.233.20.24:4123

Attributes

  • auth_value

    749d02a6b4ef1fa2ad908e44ec2296dc

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer, an antivirus disabler dropper.

    • Healer family

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks
