General

  • Target

    cdc39c393e568869248dee077808c74a5d4bce8ddf68fce5d31d02e62a903ac0.bin

  • Size

    612KB

  • Sample

    230501-w37xxaee6t

  • MD5

    612478b7e6630a65dc2944f79ae1ac70

  • SHA1

    c9acf440838a19c14fc7cc9146e76743c2b3174f

  • SHA256

    cdc39c393e568869248dee077808c74a5d4bce8ddf68fce5d31d02e62a903ac0

  • SHA512

    0d7fb6f06076d518b9169d52f9e9da2555e5e9ada903bd78b1c538e7951396888663e479dc86e2f08e42dbd4893fd55ceedbb620dd742b9030d02cab3230cde1

  • SSDEEP

    12288:Jy90EG+an4kf8cewJ2H3F1rsP3MqgShiIisYlKZ9VxU5:JylaD8xwJWG35hHijk/xU5

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks