
General

  • Target

    fe3b1ed46f48fedf189d82841757339f75d4b9ed69eb18ddd2ffc2e57928f940.bin

  • Size

    644KB

  • Sample

    230501-ybdk4afh45

  • MD5

    add745b6e38654a1d0ee8566fc29d363

  • SHA1

    7719eae533b94ad44c26cb84daecad37b0a65f5d

  • SHA256

    fe3b1ed46f48fedf189d82841757339f75d4b9ed69eb18ddd2ffc2e57928f940

  • SHA512

    dfe898d59ed0284c665f056fab6aa289de82bdb2cf975a2b716abe20f2628662ff78ddc696ee8fe5f5cc15cca643dee49d6269847d10b51cf3d64f65fbaa71be

  • SSDEEP

    12288:2y9078xzKp3xtWSKGNZqWt6QuV7lrqQPZRlu8qx0iSPe7XfyXZND:2y1xzKmikK2pWwj0uve7XqND

Targets

    • Target

      fe3b1ed46f48fedf189d82841757339f75d4b9ed69eb18ddd2ffc2e57928f940.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
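
The two registry behaviours flagged above, Defender real-time protection tampering and Run-key persistence, are cheap to check for on a host or in a Sysmon feed. The following is an added example (not tria.ge's signature code, and the report does not publish this sample's actual registry writes): it classifies Sysmon-style registry SetValue events (EventID 13, with `TargetObject`, `Details` and `Image` fields, an assumed shape) and fires on the well-known policy values under `Windows Defender\Real-Time Protection` and on writes under `CurrentVersion\Run` / `RunOnce`. The sample events are constructed for illustration.

```python
"""Added example: flag Defender real-time protection tampering and Run-key
persistence in Sysmon-style registry events (assumed event shape; constructed
sample data; not tria.ge's own signature logic)."""
import re

# Defender "Real-Time Protection" policy values that, when set to 1, weaken or
# disable real-time scanning. Matched under both the Policies hive and the
# product's own key.
DEFENDER_RTP_VALUES = {
    "DisableRealtimeMonitoring",
    "DisableBehaviorMonitoring",
    "DisableOnAccessProtection",
    "DisableScanOnRealtimeEnable",
    "DisableIOAVProtection",
}
DEFENDER_RTP_KEY = re.compile(
    r"\\SOFTWARE\\(?:Policies\\)?Microsoft\\Windows Defender"
    r"\\Real-Time Protection\\(?P<value>[^\\]+)$",
    re.IGNORECASE,
)

# Per-user and per-machine autostart keys (HKCU/HKU/HKLM prefix is irrelevant).
RUN_KEY = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(?:Run|RunOnce)"
    r"\\(?P<value>[^\\]+)$",
    re.IGNORECASE,
)


def dword_value(details):
    """Parse the Sysmon 'Details' rendering of a DWORD, e.g. 'DWORD (0x00000001)'.
    Also accepts a bare decimal string. Returns None for strings or unknown types."""
    m = re.match(r"DWORD\s*\((0x[0-9a-fA-F]+)\)", details.strip())
    if m:
        return int(m.group(1), 16)
    try:
        return int(details.strip())
    except ValueError:
        return None


def classify(event):
    """Return the list of signature names the registry event matches."""
    hits = []
    target = event.get("TargetObject", "")
    details = str(event.get("Details", ""))

    m = DEFENDER_RTP_KEY.search(target)
    # Only a non-zero value disables protection; a write of 0 re-enables it and
    # must not fire (a common false positive when only the key path is checked).
    if m and m.group("value") in DEFENDER_RTP_VALUES and dword_value(details) == 1:
        hits.append("Modifies Windows Defender Real-time Protection settings")

    if RUN_KEY.search(target):
        hits.append("Adds Run key to start application")
    return hits


def scan(events):
    """Flatten a batch of events into (image, target, signature) tuples."""
    return [(e["Image"], e["TargetObject"], sig) for e in events for sig in classify(e)]


# Constructed events in the assumed Sysmon EventID 13 shape; not from the report.
SAMPLE_EVENTS = [
    {
        "Image": r"C:\Users\user\Desktop\sample.exe",
        "TargetObject": r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring",
        "Details": "DWORD (0x00000001)",
    },
    {
        "Image": r"C:\Users\user\Desktop\sample.exe",
        "TargetObject": r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
        "Details": r"C:\Users\user\AppData\Roaming\updater.exe",
    },
    {
        # Re-enabling protection: same key, value 0, must not fire.
        "Image": r"C:\Windows\System32\gpupdate.exe",
        "TargetObject": r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring",
        "Details": "DWORD (0x00000000)",
    },
]

if __name__ == "__main__":
    for image, target, sig in scan(SAMPLE_EVENTS):
        print(f"{sig}: {image} -> {target}")
```

The Run-key check is deliberately behavioural, as the sandbox signature is: legitimate installers write there too, so in production pair it with the writing process's path or the sandbox-style "executes dropped EXE" context before treating it as malicious on its own.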
