Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3481ffb7a478ee0108aa887764f7684a0203a03712b92c77ba385ea73f8e5f26
-
Size
479KB
-
Sample
241111-cdz18ayrbt
-
MD5
c3bee8f6205cea445b6d4bff688a7c86
-
SHA1
2e60eb8161dd24c073d73b62cf485dcee00cd6e3
-
SHA256
3481ffb7a478ee0108aa887764f7684a0203a03712b92c77ba385ea73f8e5f26
-
SHA512
d21b03111b0e70397b5af9e94c47060adca3e58f56898d6416777ff6691753b6e2a2f2f6f9f84121a5f5207ac1bdff3d918fc3016d957e353d953bab484f28e1
-
SSDEEP
6144:Khy+bnr+Mp0yN90QEBsBdsFepZkeP93bUjqodCOcKyBIv1ijn0t8TlXwIpxZ54UW:DMrYy90bsBeKgdqKyU9t8xXwyrHWJLl
Static task
static1
Behavioral task
behavioral1
Sample
3481ffb7a478ee0108aa887764f7684a0203a03712b92c77ba385ea73f8e5f26.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
ditro
217.196.96.101:4132
-
auth_value
8f24ed370a9b24aa28d3d634ea57912e
Targets
-
-
Target
3481ffb7a478ee0108aa887764f7684a0203a03712b92c77ba385ea73f8e5f26
-
Size
479KB
-
MD5
c3bee8f6205cea445b6d4bff688a7c86
-
SHA1
2e60eb8161dd24c073d73b62cf485dcee00cd6e3
-
SHA256
3481ffb7a478ee0108aa887764f7684a0203a03712b92c77ba385ea73f8e5f26
-
SHA512
d21b03111b0e70397b5af9e94c47060adca3e58f56898d6416777ff6691753b6e2a2f2f6f9f84121a5f5207ac1bdff3d918fc3016d957e353d953bab484f28e1
-
SSDEEP
6144:Khy+bnr+Mp0yN90QEBsBdsFepZkeP93bUjqodCOcKyBIv1ijn0t8TlXwIpxZ54UW:DMrYy90bsBeKgdqKyU9t8xXwyrHWJLl
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-