General
Target: dde1dcb89625ecfc4c397f96ac3e1c59132f1bf030cd431e11809e8c4a2eeeb5.bin
Size: 727KB
Sample: 230501-xeg71sfe9t
MD5: 786bfd76d91e7a1e9282e065aea3aa0b
SHA1: 8cb2966788fa3921f2336767295ecabab830f182
SHA256: dde1dcb89625ecfc4c397f96ac3e1c59132f1bf030cd431e11809e8c4a2eeeb5
SHA512: fe7ac0b158655d9847fdde21f221e29e35765a8ecf8705b8f6fca233830ad1224d78276e7e1d380e0201d77eb0ef04948a29f8a0d20aa6aa1586c2f25f324f5f
SSDEEP: 12288:Dy90ITOjIAJ9tyzHdvW42h+FqvpVfcjf3efhr5UMhwryDrIn6QHnwbIUO7U9Bp:DyOjjLmdvWbsFeXfcjfOBDwryDr667T3
Static task: static1
Behavioral task: behavioral1
Sample: dde1dcb89625ecfc4c397f96ac3e1c59132f1bf030cd431e11809e8c4a2eeeb5.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: dde1dcb89625ecfc4c397f96ac3e1c59132f1bf030cd431e11809e8c4a2eeeb5.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: dde1dcb89625ecfc4c397f96ac3e1c59132f1bf030cd431e11809e8c4a2eeeb5.bin
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-