Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    fee0a609f1554529890f1c56c3aa61734e8e36e69bbf1afa749ec7e3b90e5f96.bin

  • Size

    747KB

  • Sample

    230501-ybsd9afh75

  • MD5

    37888df004aa3046b1388383dd80adf1

  • SHA1

    531177ae8a01b4e6e14f89ec045d44076081dea5

  • SHA256

    fee0a609f1554529890f1c56c3aa61734e8e36e69bbf1afa749ec7e3b90e5f96

  • SHA512

    a05c00dec7c753397e540c4f3a4cca4c74a30c9295cee2070bee8920800d4302cb83a2933cbe42c101fcd0df8ca4103568918a9a61cf39f284a7afbcced1b827

  • SSDEEP

    12288:Iy90sqaJpsFCf9E/fH4ir30LGYzs4Bde7k+HZC1XbN4wJnuyG5tyNoC:IyNoYu//Hr2Zs4WpHZCBbNZJuyGnW

Malware Config

Targets

    • Target

      fee0a609f1554529890f1c56c3aa61734e8e36e69bbf1afa749ec7e3b90e5f96.bin

    • Size

      747KB

    • MD5

      37888df004aa3046b1388383dd80adf1

    • SHA1

      531177ae8a01b4e6e14f89ec045d44076081dea5

    • SHA256

      fee0a609f1554529890f1c56c3aa61734e8e36e69bbf1afa749ec7e3b90e5f96

    • SHA512

      a05c00dec7c753397e540c4f3a4cca4c74a30c9295cee2070bee8920800d4302cb83a2933cbe42c101fcd0df8ca4103568918a9a61cf39f284a7afbcced1b827

    • SSDEEP

      12288:Iy90sqaJpsFCf9E/fH4ir30LGYzs4Bde7k+HZC1XbN4wJnuyG5tyNoC:IyNoYu//Hr2Zs4WpHZCBbNZJuyGnW

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks