General
Target: dfae8f819ffd5eedff28d22c04c632a18a32dca85901207cdc5c878d37cd56a6.bin
Size: 687KB
Sample: 230501-xfnq7aff7y
MD5: 28ff621758160f1b33d532bab870f7e2
SHA1: 713733f18f619b41b86fe88a742cbc84e9969050
SHA256: dfae8f819ffd5eedff28d22c04c632a18a32dca85901207cdc5c878d37cd56a6
SHA512: 783c7bb8cc0997393380821844fa9871414bc9ad8b3b0397fc5574f1da900b97254dadf811a9e30b9ea95f6e57ef875b2337dc04b1f13a941a5924e48ded586f
SSDEEP: 12288:Uy90/8a3KNIF/aYWyCS42OI6QBDuYOCF5NLvB/wMfyseT2ziKhw8:UyA0wilSVOI6cuzC7NVrfyseyzL5
Static task: static1
Behavioral task: behavioral1
Sample: dfae8f819ffd5eedff28d22c04c632a18a32dca85901207cdc5c878d37cd56a6.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: dfae8f819ffd5eedff28d22c04c632a18a32dca85901207cdc5c878d37cd56a6.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
-
-
Target
dfae8f819ffd5eedff28d22c04c632a18a32dca85901207cdc5c878d37cd56a6.bin
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-