General
Target: a654bb4ea84b0672f08f8f55446768cbd19cb6591d24083c52dad79cc8435f23
Size: 479KB
Sample: 241111-bm6dxszcjg
MD5: c8874dfad5b5c66af668c96187e6442e
SHA1: ba160bd09471aaf8aaadb000c23887debec44db1
SHA256: a654bb4ea84b0672f08f8f55446768cbd19cb6591d24083c52dad79cc8435f23
SHA512: 28d5e312dce7828a792f0bc124b3f56ea02595083c3af7e671d1d0e9ef932a11d8173b0e4afcaae5b9b51e19be0549bbaadc9e27bcaeb3c725eb664721ab2e7c
SSDEEP: 12288:RMr7y90WBAsZriQ6EEG8HY+iL7v6aRWqu8JuV/xXW:ayzAsZm9g84Tj6k1FJuV/xXW
Static task: static1
Behavioral task: behavioral1
Sample: a654bb4ea84b0672f08f8f55446768cbd19cb6591d24083c52dad79cc8435f23.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
redline
divan
217.196.96.102:4132
auth_value: b414986bebd7f5a3ec9aee0341b8e769
Targets
Target: a654bb4ea84b0672f08f8f55446768cbd19cb6591d24083c52dad79cc8435f23
Score: 10/10
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
Redline family
Executes dropped EXE
Adds Run key to start application