General
Target: ec7a686159e289f0f98ee03e0b7f49848db08c10b2d4e73cf49f167edd05bb55.bin
Size: 611KB
Sample: 230501-xpppvage8s
MD5: 39665c91d56245f43c44b64788d3c57f
SHA1: 40ee81a54cb9e8ae01d74b53057709034c74ffb4
SHA256: ec7a686159e289f0f98ee03e0b7f49848db08c10b2d4e73cf49f167edd05bb55
SHA512: 02f518caac544593b28d92e06148e034c6ffe8a4f4e51fe8777959b230b5286197837264c3de7a1f32c30d2ae36ff58a55de40c489184b948f2aa19249348c61
SSDEEP: 12288:5y90iSJLlM0i7GusQwOmDFwq2s059ZCRzlG:5yZStlDiKypmDCC059oZ0
Static task: static1
Behavioral task: behavioral1
Sample: ec7a686159e289f0f98ee03e0b7f49848db08c10b2d4e73cf49f167edd05bb55.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: ec7a686159e289f0f98ee03e0b7f49848db08c10b2d4e73cf49f167edd05bb55.exe
Resource: win10v2004-20230221-en
Malware Config
Targets
Detects Redline Stealer samples: This rule detects the presence of Redline Stealer samples based on their unique strings.
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application