General

  • Target

    file24si.exe.bin

  • Size

    416KB

  • Sample

    230501-ycejsaga39

  • MD5

    88346e024a829cfbceb604a06c0ea696

  • SHA1

    332970c3d2fa700490fbd93f84b084229dd5c6f9

  • SHA256

    9b1a939ef1f138795d43b385beb756509ca4873e608f0bf7f13b705f37d386cc

  • SHA512

    2c1a032e251aa4cef182e1504d97cdcead0246aa33e3f622a407a7b59d4eb361e00558978d6d944974e61ffe4f1ecdd0208805c6621a79aad12fc59556c3e557

  • SSDEEP

    6144:MEj5F+hK+czmpFVBGM7/XKsSmOf4U/oARfrJ1ygJeU3TpzmdNP1:M6F+E+Fz7zasSf4U/XpJsU39SdN

Malware Config

Targets

    • Target

      file24si.exe.bin

    • Size

      416KB

    • MD5

      88346e024a829cfbceb604a06c0ea696

    • SHA1

      332970c3d2fa700490fbd93f84b084229dd5c6f9

    • SHA256

      9b1a939ef1f138795d43b385beb756509ca4873e608f0bf7f13b705f37d386cc

    • SHA512

      2c1a032e251aa4cef182e1504d97cdcead0246aa33e3f622a407a7b59d4eb361e00558978d6d944974e61ffe4f1ecdd0208805c6621a79aad12fc59556c3e557

    • SSDEEP

      6144:MEj5F+hK+czmpFVBGM7/XKsSmOf4U/oARfrJ1ygJeU3TpzmdNP1:M6F+E+Fz7zasSf4U/XpJsU39SdN

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks