General
Target: 4e0cb94237b9f9a93c808e05f99a11903c8f52e18cb859300f2eece1e38df0bf
Size: 477KB
Sample: 241107-dg2vnavaqr
MD5: dbd6d19021405e3e870bd221041637e8
SHA1: b77ad05722e325accf6d9dee50bec1811d868f07
SHA256: 4e0cb94237b9f9a93c808e05f99a11903c8f52e18cb859300f2eece1e38df0bf
SHA512: f9ba419f35aacec3f3a1e8d0415a407faee0ec20ea99d368a10dee9f2853358f1f00d1ad76746665f32d9e9a813ba11c21f85e9f0e85713512cc3a7a0531eb6b
SSDEEP: 12288:OMrYy90ha0DxDzfR1FBM+/T+5JIJPvEmo57hy4A:+yqDxDnFa+/TPvE84A
Static task: static1
Behavioral task: behavioral1
Sample: 4e0cb94237b9f9a93c808e05f99a11903c8f52e18cb859300f2eece1e38df0bf.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
fukia
193.233.20.13:4136
auth_value: e5783636fbd9e4f0cf9a017bce02e67e
Targets
Score 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application