General

  • Target

    db456aaad0aa05c1f3003ce81c31d3d4f78fdbed7c497328f661e2874377e524.bin

  • Size

    618KB

  • Sample

    230501-xc8xysdf93

  • MD5

    acbd86cf2e13d98e8bc317f7a5b8bea9

  • SHA1

    b29c7228cdee3a641a124bbad05033341505eaee

  • SHA256

    db456aaad0aa05c1f3003ce81c31d3d4f78fdbed7c497328f661e2874377e524

  • SHA512

    09cb930b4e75c1f24c76040e051989d954a95963a4e8a2c29a760226b0425ec2aa742a48dfb942c4d9b1e598d7de573de988e36d171a4a0f427ca78769346301

  • SSDEEP

    12288:Vy90QZe3X1Bpzq/mfNv+ySUbrjHQhsVY5d2FO55MWf7dZg5:VysH1BAulGyPrjwhsVY5d2iLZY

Malware Config

Targets

    • Target

      db456aaad0aa05c1f3003ce81c31d3d4f78fdbed7c497328f661e2874377e524.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

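The two registry-based signatures listed above ("Modifies Windows Defender Real-time Protection settings" and "Adds Run key to start application") can be reproduced offline against exported sandbox events. The following is an added example, not code from tria.ge or from the RedLine sample: it takes constructed registry-write events (a pid, image path, key, value name and data, built for this example and not taken from the report), canonicalises the hive prefix, and flags writes that set a Defender real-time protection "Disable*" value to non-zero or that drop a command into a Run/RunOnce key. The event shape and the sample process names are assumptions; the registry paths and value names are the standard Defender policy and autostart locations.

```python
import re

# Constructed registry-write events in a generic sandbox-log shape.
# Illustrative input built for this example, not events from the report above.
SAMPLE_EVENTS = [
    {"pid": 2140, "image": r"C:\Users\Admin\AppData\Local\Temp\sample.exe",
     "key": r"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection",
     "value": "DisableRealtimeMonitoring", "data": 1},
    {"pid": 2140, "image": r"C:\Users\Admin\AppData\Local\Temp\sample.exe",
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "value": "Updater", "data": r"C:\Users\Admin\AppData\Roaming\updater.exe"},
    {"pid": 2140, "image": r"C:\Users\Admin\AppData\Local\Temp\sample.exe",
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced",
     "value": "Hidden", "data": 2},
    # Defender itself re-enabling monitoring (data 0) must not be flagged.
    {"pid": 880, "image": r"C:\Program Files\Windows Defender\MsMpEng.exe",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection",
     "value": "DisableRealtimeMonitoring", "data": 0},
]

HIVE_ALIASES = {
    "HKEY_LOCAL_MACHINE": "HKLM",
    "HKEY_CURRENT_USER": "HKCU",
    "HKEY_USERS": "HKU",
}

# Both the Group Policy path and the product's own settings path.
DEFENDER_RTP_KEY_RE = re.compile(
    r"^HKLM\\SOFTWARE\\(?:Policies\\)?Microsoft\\Windows Defender\\Real-Time Protection$",
    re.IGNORECASE,
)
# Values that switch off real-time protection components when set to a non-zero DWORD.
DEFENDER_DISABLE_VALUES = {
    "DisableRealtimeMonitoring", "DisableBehaviorMonitoring",
    "DisableOnAccessProtection", "DisableIOAVProtection",
    "DisableScanOnRealtimeEnable",
}

# Per-user and machine-wide Run/RunOnce keys, including the WOW6432Node view.
RUN_KEY_RE = re.compile(
    r"^(?:HKLM|HKCU|HKU\\[^\\]+)\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows"
    r"\\CurrentVersion\\Run(?:Once)?$",
    re.IGNORECASE,
)


def normalize_key(key):
    """Canonicalise the hive prefix and strip a trailing backslash so one regex fits all spellings."""
    hive, sep, rest = key.partition("\\")
    hive = HIVE_ALIASES.get(hive.upper(), hive.upper())
    return (hive + sep + rest).rstrip("\\")


def detect_defender_tampering(events):
    """Signature 'Modifies Windows Defender Real-time Protection settings'."""
    hits = []
    for ev in events:
        key = normalize_key(ev["key"])
        if (DEFENDER_RTP_KEY_RE.match(key)
                and ev["value"] in DEFENDER_DISABLE_VALUES
                and isinstance(ev["data"], int) and ev["data"] != 0):
            hits.append({"pid": ev["pid"], "key": key, "value": ev["value"], "data": ev["data"]})
    return hits


def detect_run_key_persistence(events):
    """Signature 'Adds Run key to start application'."""
    hits = []
    for ev in events:
        key = normalize_key(ev["key"])
        if RUN_KEY_RE.match(key) and isinstance(ev["data"], str) and ev["data"]:
            hits.append({"pid": ev["pid"], "key": key, "value": ev["value"], "command": ev["data"]})
    return hits


def triage(events):
    """Map each signature name to the events that triggered it."""
    return {
        "Modifies Windows Defender Real-time Protection settings": detect_defender_tampering(events),
        "Adds Run key to start application": detect_run_key_persistence(events),
    }


if __name__ == "__main__":
    for sig, hits in triage(SAMPLE_EVENTS).items():
        print(f"{sig}: {len(hits)} hit(s)")
        for h in hits:
            print("   ", h)
```

Run against the constructed events, the Defender policy write and the Run-key write are each reported once, the unrelated Explorer write is ignored, and the data-0 write from MsMpEng.exe is correctly treated as a re-enable rather than tampering. Real sandbox exports also carry deletions and key renames; extend the matchers if the tooling records those as separate operation types.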
MITRE ATT&CK Enterprise v6

Tasks