Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    dde1dcb89625ecfc4c397f96ac3e1c59132f1bf030cd431e11809e8c4a2eeeb5.bin

  • Size

    727KB

  • Sample

    230501-xeg71sfe9t

  • MD5

    786bfd76d91e7a1e9282e065aea3aa0b

  • SHA1

    8cb2966788fa3921f2336767295ecabab830f182

  • SHA256

    dde1dcb89625ecfc4c397f96ac3e1c59132f1bf030cd431e11809e8c4a2eeeb5

  • SHA512

    fe7ac0b158655d9847fdde21f221e29e35765a8ecf8705b8f6fca233830ad1224d78276e7e1d380e0201d77eb0ef04948a29f8a0d20aa6aa1586c2f25f324f5f

  • SSDEEP

    12288:Dy90ITOjIAJ9tyzHdvW42h+FqvpVfcjf3efhr5UMhwryDrIn6QHnwbIUO7U9Bp:DyOjjLmdvWbsFeXfcjfOBDwryDr667T3

Malware Config

Targets

    • Target

      dde1dcb89625ecfc4c397f96ac3e1c59132f1bf030cd431e11809e8c4a2eeeb5.bin

    • Size

      727KB

    • MD5

      786bfd76d91e7a1e9282e065aea3aa0b

    • SHA1

      8cb2966788fa3921f2336767295ecabab830f182

    • SHA256

      dde1dcb89625ecfc4c397f96ac3e1c59132f1bf030cd431e11809e8c4a2eeeb5

    • SHA512

      fe7ac0b158655d9847fdde21f221e29e35765a8ecf8705b8f6fca233830ad1224d78276e7e1d380e0201d77eb0ef04948a29f8a0d20aa6aa1586c2f25f324f5f

    • SSDEEP

      12288:Dy90ITOjIAJ9tyzHdvW42h+FqvpVfcjf3efhr5UMhwryDrIn6QHnwbIUO7U9Bp:DyOjjLmdvWbsFeXfcjfOBDwryDr667T3

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks