General

  • Target

    eb507f02cc31201d2d31e1342264667ec4b789d18b591126c359a100a824f9e3.bin

  • Size

    1.0MB

  • Sample

    230501-xn2m1sef95

  • MD5

    9acc751de899056fdb9e3e92cf49721d

  • SHA1

    9c2241aae1f1a8ffc60c29929b6f83d93f95c895

  • SHA256

    eb507f02cc31201d2d31e1342264667ec4b789d18b591126c359a100a824f9e3

  • SHA512

    943f515428d3da60861c1d1fd137a086aa209b5b443757aea6a4064eb68b949a1f65bdb8d05d2be78ef0b58eb9de6551749a596405289a4ca998e66d5fc4010e

  • SSDEEP

    24576:JCAYkSvuevX2o0Kjm4BNQyv39+v19w6NpkH+RQ0R4owkPiyFG7HEK:FStvX2ozjm4HFv3M0ckH+RocjFG
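To confirm that a file in hand is byte-identical to the analysed sample, the Python below recomputes the four digests listed above and compares them with the reported values. This is an added example, not part of the tria.ge report; the function names and the chunk size are my own choices, and the only data taken from the page is the set of reported hashes.

```python
"""Compare a local file against the digests reported for this sample."""
import hashlib
from typing import Dict, Iterable

# Hashes of the analysed sample, copied from the report above.
REPORTED: Dict[str, str] = {
    "md5": "9acc751de899056fdb9e3e92cf49721d",
    "sha1": "9c2241aae1f1a8ffc60c29929b6f83d93f95c895",
    "sha256": "eb507f02cc31201d2d31e1342264667ec4b789d18b591126c359a100a824f9e3",
    "sha512": (
        "943f515428d3da60861c1d1fd137a086aa209b5b443757aea6a4064eb68b949a"
        "1f65bdb8d05d2be78ef0b58eb9de6551749a596405289a4ca998e66d5fc4010e"
    ),
}


def digest_file(path: str, algorithms: Iterable[str] = tuple(REPORTED),
                chunk: int = 1 << 20) -> Dict[str, str]:
    """Return {algorithm: hexdigest} for the file, reading it once in chunks
    so that large samples are not loaded into memory whole."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_to_report(path: str,
                      reported: Dict[str, str] = REPORTED) -> Dict[str, bool]:
    """Return {algorithm: matched} for every reported digest.

    Any mismatch means the file is not the sample analysed here. A partial
    match (say MD5 agrees but SHA-256 does not) would point at a deliberate
    collision and deserves a closer look rather than being waved through.
    """
    actual = digest_file(path, reported.keys())
    return {name: actual[name] == reported[name].lower() for name in reported}


def is_reported_sample(path: str, reported: Dict[str, str] = REPORTED) -> bool:
    """True only when every reported digest matches."""
    return all(compare_to_report(path, reported).values())


if __name__ == "__main__":
    import sys
    for algo, ok in compare_to_report(sys.argv[1]).items():
        print(f"{algo:7} {'match' if ok else 'MISMATCH'}")
```

Run it as `python check_sample.py <file>`; a single MISMATCH line is enough to say the file is not this sample.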

Malware Config

Targets

    • Target

      eb507f02cc31201d2d31e1342264667ec4b789d18b591126c359a100a824f9e3.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
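The report names "Modifies Windows Defender Real-time Protection settings" and "Adds Run key to start application" as observed behaviours without showing the underlying events. The Python below is an added example, not part of the tria.ge report and not the sandbox's own signature logic: it maps registry-write events onto those two signatures. The event lines are constructed, using a made-up `image|target_object|details` layout that stands in for a Sysmon Event ID 13 (registry value set) record; the process and file paths in them are invented. The registry locations themselves are standard Windows paths, not taken from the page.

```python
"""Map registry-write events onto two of the report's behaviour signatures."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Defender's policy key: a non-zero DWORD under Real-Time Protection turns a
# protection feature off (DisableRealtimeMonitoring, DisableBehaviorMonitoring, ...).
DEFENDER_RTP_KEY = re.compile(
    r"\\Microsoft\\Windows Defender\\Real-Time Protection\\(?P<value>Disable\w+)$",
    re.IGNORECASE,
)
# Per-user or machine-wide autostart entries.
RUN_KEY = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\(?:Run|RunOnce)\\(?P<value>[^\\]+)$",
    re.IGNORECASE,
)
DWORD_DATA = re.compile(r"DWORD\s*\((0x[0-9A-Fa-f]+)\)")

# Constructed events (not from the report). Fields: image|target_object|details.
SAMPLE_EVENTS = [
    r"C:\Users\user\Desktop\sample.exe|HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring|DWORD (0x00000001)",
    r"C:\Users\user\Desktop\sample.exe|HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater|C:\Users\user\AppData\Roaming\update.exe",
    r"C:\Windows\explorer.exe|HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden|DWORD (0x00000002)",
    r"C:\Program Files\Windows Defender\MsMpEng.exe|HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring|DWORD (0x00000000)",
]


@dataclass(frozen=True)
class Finding:
    signature: str  # wording of the report signature the event maps to
    image: str      # process that wrote the value
    target: str     # full registry path written
    detail: str     # what was written


def parse_event(line: str) -> Tuple[str, str, str]:
    """Split one constructed 'image|target_object|details' line."""
    image, target, details = line.split("|", 2)
    return image.strip(), target.strip(), details.strip()


def classify(line: str) -> Optional[Finding]:
    """Return a Finding when the event matches one of the two signatures."""
    image, target, details = parse_event(line)

    m = DEFENDER_RTP_KEY.search(target)
    if m:
        d = DWORD_DATA.search(details)
        # Only a non-zero value disables the feature; writing 0 re-enables it
        # and is what Defender itself or Group Policy does, so it is not flagged.
        if d and int(d.group(1), 16) != 0:
            return Finding("Modifies Windows Defender Real-time Protection settings",
                           image, target, f"{m.group('value')}={int(d.group(1), 16)}")
        return None

    m = RUN_KEY.search(target)
    if m:
        return Finding("Adds Run key to start application",
                       image, target, f"{m.group('value')} -> {details}")
    return None


def scan(lines: List[str]) -> List[Finding]:
    """Classify every event and keep only those that hit a signature."""
    return [f for f in (classify(line) for line in lines) if f is not None]


if __name__ == "__main__":
    for finding in scan(SAMPLE_EVENTS):
        print(f"[{finding.signature}] {finding.image}: {finding.detail}")
```

On a real host the same logic applies to Sysmon Event ID 13 or to `Get-ItemProperty` output over the two key paths; the DWORD check is what keeps a legitimate re-enable from appearing as tampering.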

MITRE ATT&CK Enterprise v6

Tasks