General

  • Target

    d50677e6418159426793545371c130602376bda85546596838df3772cf03c93e.bin

  • Size

    747KB

  • Sample

    230501-w9xqhsdc95

  • MD5

    441f88bcf41639caed3a648d098442cf

  • SHA1

    a589bdbb510d62a7083f84df582499274735d2cb

  • SHA256

    d50677e6418159426793545371c130602376bda85546596838df3772cf03c93e

  • SHA512

    752b3ff61f2a8bd4af18c4f60b6f84f8c5be66f993d1dfcda9a24888c1a96d63f8f80810902a39b85ca32e5656454098210749fadf3de153513669fc24eeeeac

  • SSDEEP

    12288:3y90LHeU5MUvfTisw5KEIjD6/BM92tmoB+8bIgWWv5RY5vGcILMbp:3y8h7isoPs6/OaZdbIgpMnILmp

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks