Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5257844de1ca4bdb3974a856842bdfd215402589fa9c42f39bbc402328d158e5.exe
-
Size
586KB
-
Sample
241111-chewvazemk
-
MD5
96345dc7842307368fd315162ae51873
-
SHA1
b84e076b1492c48a21e3ebf98d7fac8fb1a258d6
-
SHA256
5257844de1ca4bdb3974a856842bdfd215402589fa9c42f39bbc402328d158e5
-
SHA512
07eecf80c62e78cb9abf2693252d61c2a43f607a8602f4db7a37ed8a04c5443b5a68cadeb44f3beb08651f61aa4016baa1f11e81890958ffe86a852212c4687f
-
SSDEEP
12288:WMV1C968rngo5WRem+A47x9IyZEZxOrOlW4y34:Wg1iag97x9BZEZQilW49
Static task
static1
Behavioral task
behavioral1
Sample
5257844de1ca4bdb3974a856842bdfd215402589fa9c42f39bbc402328d158e5.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
5257844de1ca4bdb3974a856842bdfd215402589fa9c42f39bbc402328d158e5.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
redline
lada
185.161.248.90:4125
-
auth_value
0b3678897547fedafe314eda5a2015ba
Targets
-
-
Target
5257844de1ca4bdb3974a856842bdfd215402589fa9c42f39bbc402328d158e5.exe
-
Size
586KB
-
MD5
96345dc7842307368fd315162ae51873
-
SHA1
b84e076b1492c48a21e3ebf98d7fac8fb1a258d6
-
SHA256
5257844de1ca4bdb3974a856842bdfd215402589fa9c42f39bbc402328d158e5
-
SHA512
07eecf80c62e78cb9abf2693252d61c2a43f607a8602f4db7a37ed8a04c5443b5a68cadeb44f3beb08651f61aa4016baa1f11e81890958ffe86a852212c4687f
-
SSDEEP
12288:WMV1C968rngo5WRem+A47x9IyZEZxOrOlW4y34:Wg1iag97x9BZEZQilW49
Score10/10-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-