General

  • Target

    fe6450a225302d7f9cab3ee73681548d9bf49e41bb42870ba21d374b04ef7e2f.bin

  • Size

    696KB

  • Sample

    230501-ybg9aahf7t

  • MD5

    1feca7be483a7ede6047b2021bba9291

  • SHA1

    232052904b9db804906180ccf2ba113a90eb89e6

  • SHA256

    fe6450a225302d7f9cab3ee73681548d9bf49e41bb42870ba21d374b04ef7e2f

  • SHA512

    1a32cb9bde9022d2554b276eee3b05bc523d276f4dfd1a40df7b073f6adceb43418fada2ac18228acb13beaa336ce22a149da7f0edf850ab08b7de36133eb8d8

  • SSDEEP

    12288:zy90Tq4C00Xa9KJ2A/+tZ9CO3IhMY/NN4MWL6+718buKjA+KQujtlU:zyyqsfKoA/+tXCFneZ6+718bugIbjtlU

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks