Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
file24si.exe.bin
-
Size
416KB
-
Sample
230501-ycejsaga39
-
MD5
88346e024a829cfbceb604a06c0ea696
-
SHA1
332970c3d2fa700490fbd93f84b084229dd5c6f9
-
SHA256
9b1a939ef1f138795d43b385beb756509ca4873e608f0bf7f13b705f37d386cc
-
SHA512
2c1a032e251aa4cef182e1504d97cdcead0246aa33e3f622a407a7b59d4eb361e00558978d6d944974e61ffe4f1ecdd0208805c6621a79aad12fc59556c3e557
-
SSDEEP
6144:MEj5F+hK+czmpFVBGM7/XKsSmOf4U/oARfrJ1ygJeU3TpzmdNP1:M6F+E+Fz7zasSf4U/XpJsU39SdN
Static task
static1
Behavioral task
behavioral1
Sample
file24si.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
file24si.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
file24si.exe.bin
-
Size
416KB
-
MD5
88346e024a829cfbceb604a06c0ea696
-
SHA1
332970c3d2fa700490fbd93f84b084229dd5c6f9
-
SHA256
9b1a939ef1f138795d43b385beb756509ca4873e608f0bf7f13b705f37d386cc
-
SHA512
2c1a032e251aa4cef182e1504d97cdcead0246aa33e3f622a407a7b59d4eb361e00558978d6d944974e61ffe4f1ecdd0208805c6621a79aad12fc59556c3e557
-
SSDEEP
6144:MEj5F+hK+czmpFVBGM7/XKsSmOf4U/oARfrJ1ygJeU3TpzmdNP1:M6F+E+Fz7zasSf4U/XpJsU39SdN
Score10/10-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-