Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    d9b8e92d6077c83fe446904937dbd37e34a183d1af1fa1d95278179655713efb.bin

  • Size

    707KB

  • Sample

    230501-xb7cqsdf29

  • MD5

    416bdb8e05ee78385956ed39aaace2b5

  • SHA1

    17547f35983565f00cd149006563cd6a78179d53

  • SHA256

    d9b8e92d6077c83fe446904937dbd37e34a183d1af1fa1d95278179655713efb

  • SHA512

    3a2e8078b13733fa8e40a11e2468052b65b04e28376a24e6e1b3e3bd81790815114e42929e215360d73c12af97558aeae721f701763d69a3a2f7ca3c4b2b9d96

  • SSDEEP

    12288:Oy90Iz9hP9yGNwto6t/CvF2wjxxcb4wG+ulJWkDGsTdn7Um1pduAeJvGjipl:OyN7P9nA22ojcbCX3i479/qVGwl

Malware Config

Targets

    • Target

      d9b8e92d6077c83fe446904937dbd37e34a183d1af1fa1d95278179655713efb.bin

    • Size

      707KB

    • MD5

      416bdb8e05ee78385956ed39aaace2b5

    • SHA1

      17547f35983565f00cd149006563cd6a78179d53

    • SHA256

      d9b8e92d6077c83fe446904937dbd37e34a183d1af1fa1d95278179655713efb

    • SHA512

      3a2e8078b13733fa8e40a11e2468052b65b04e28376a24e6e1b3e3bd81790815114e42929e215360d73c12af97558aeae721f701763d69a3a2f7ca3c4b2b9d96

    • SSDEEP

      12288:Oy90Iz9hP9yGNwto6t/CvF2wjxxcb4wG+ulJWkDGsTdn7Um1pduAeJvGjipl:OyN7P9nA22ojcbCX3i479/qVGwl

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks