Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ede8488613c6627f6282e604ff461dc26a033631d00e42f3a51b588e16351da2.bin
-
Size
690KB
-
Sample
230501-xqdc7seh24
-
MD5
95d6bd9db91e5a888f096857155e04e3
-
SHA1
5d0628e45f71f1c0f30c5274eb67b97eed94045a
-
SHA256
ede8488613c6627f6282e604ff461dc26a033631d00e42f3a51b588e16351da2
-
SHA512
ee594767991063e81e4e4f42d80ed7868a67ae1a13d8e433bfb10fc9df87bd8a42115c318caae6f2fc9269165d3f9fc2875d153e15312c0f07f0733bdc63b19b
-
SSDEEP
12288:fy90rBazQF1SOM2hbDgVuXsIc/JxDnHcW9IN6Lmo:fykUEF1rMsslxDnHR9INJo
Malware Config
Targets
-
-
Target
ede8488613c6627f6282e604ff461dc26a033631d00e42f3a51b588e16351da2.bin
-
Size
690KB
-
MD5
95d6bd9db91e5a888f096857155e04e3
-
SHA1
5d0628e45f71f1c0f30c5274eb67b97eed94045a
-
SHA256
ede8488613c6627f6282e604ff461dc26a033631d00e42f3a51b588e16351da2
-
SHA512
ee594767991063e81e4e4f42d80ed7868a67ae1a13d8e433bfb10fc9df87bd8a42115c318caae6f2fc9269165d3f9fc2875d153e15312c0f07f0733bdc63b19b
-
SSDEEP
12288:fy90rBazQF1SOM2hbDgVuXsIc/JxDnHcW9IN6Lmo:fykUEF1rMsslxDnHR9INJo
Score10/10-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
Modifies Windows Defender Real-time Protection settings
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-