General
Target: fee0a609f1554529890f1c56c3aa61734e8e36e69bbf1afa749ec7e3b90e5f96.bin
Size: 747KB
Sample: 230501-ybsd9afh75
MD5: 37888df004aa3046b1388383dd80adf1
SHA1: 531177ae8a01b4e6e14f89ec045d44076081dea5
SHA256: fee0a609f1554529890f1c56c3aa61734e8e36e69bbf1afa749ec7e3b90e5f96
SHA512: a05c00dec7c753397e540c4f3a4cca4c74a30c9295cee2070bee8920800d4302cb83a2933cbe42c101fcd0df8ca4103568918a9a61cf39f284a7afbcced1b827
SSDEEP: 12288:Iy90sqaJpsFCf9E/fH4ir30LGYzs4Bde7k+HZC1XbN4wJnuyG5tyNoC:IyNoYu//Hr2Zs4WpHZCBbNZJuyGnW
Static task: static1
Behavioral task: behavioral1
Sample: fee0a609f1554529890f1c56c3aa61734e8e36e69bbf1afa749ec7e3b90e5f96.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: fee0a609f1554529890f1c56c3aa61734e8e36e69bbf1afa749ec7e3b90e5f96.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: fee0a609f1554529890f1c56c3aa61734e8e36e69bbf1afa749ec7e3b90e5f96.bin
Detects Redline Stealer samples: This rule detects the presence of Redline Stealer samples based on their unique strings.
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application