General

  • Target

    ec7a686159e289f0f98ee03e0b7f49848db08c10b2d4e73cf49f167edd05bb55.bin

  • Size

    611KB

  • Sample

    230501-xpppvage8s

  • MD5

    39665c91d56245f43c44b64788d3c57f

  • SHA1

    40ee81a54cb9e8ae01d74b53057709034c74ffb4

  • SHA256

    ec7a686159e289f0f98ee03e0b7f49848db08c10b2d4e73cf49f167edd05bb55

  • SHA512

    02f518caac544593b28d92e06148e034c6ffe8a4f4e51fe8777959b230b5286197837264c3de7a1f32c30d2ae36ff58a55de40c489184b948f2aa19249348c61

  • SSDEEP

    12288:5y90iSJLlM0i7GusQwOmDFwq2s059ZCRzlG:5yZStlDiKypmDCC059oZ0

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks