General

  • Target

    f098890f3a3ef76f5024724635e10f707971a05e5e1501719312c9206fd9f3b9.bin

  • Size

    1.0MB

  • Sample

    230501-xymlvafa96

  • MD5

    0f1f20160ec8db10603aefeab47a66dc

  • SHA1

    7b2d9269431e77f8887665c40564a21e997c89a1

  • SHA256

    f098890f3a3ef76f5024724635e10f707971a05e5e1501719312c9206fd9f3b9

  • SHA512

    2e5c8aa4186daf1d9c2b0b1e8f6aa79c058738a51c8698ab0ca2bd64b976029d0f5cea7227d872917d7fa0cf8864866be2081a955a70e591bdd107261b988c8c

  • SSDEEP

    24576:hywNEtThlbVucwn8CDJl6OgCF2DwKfN/i3tsjhD:UwNGvb/CDPXFHKl/8a

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks