General
Target: d3b3437d6ea7a02c992585b5cf2b2c34fb7c4b93b81e4407ae7d7d3ee5def890.bin
Size: 690KB
Sample: 230501-w868kadc52
MD5: c739646777bfd5d1ae7da944ad269ac3
SHA1: d98aca4ac920187c5332a85100ced78017feed0c
SHA256: d3b3437d6ea7a02c992585b5cf2b2c34fb7c4b93b81e4407ae7d7d3ee5def890
SHA512: f34e727e6126821eeb8c8d7ddbf65f0f7fa972718c24cbc2b6fd2e1134378c8ee5a438ef7c5650ca4db405a2dcee6cb20fde687719177b93fa41b10144a3acc7
SSDEEP: 12288:Jy90NVXamCIhcVExQBlYGPDqbH7/mAbrLari36NaT3Hc8/oXHyy:Jy8VXcVEW74H7+Ab3ari360T3c85y
Static task: static1
Behavioral task: behavioral1
  Sample: d3b3437d6ea7a02c992585b5cf2b2c34fb7c4b93b81e4407ae7d7d3ee5def890.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: d3b3437d6ea7a02c992585b5cf2b2c34fb7c4b93b81e4407ae7d7d3ee5def890.exe
  Resource: win10v2004-20230220-en
Malware Config
Targets
Detects Redline Stealer samples: This rule detects the presence of Redline Stealer samples based on their unique strings.
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application