General

  • Target

    bf124e355544b5e0394472828570f72660715331a2734386e9a63926d00b9151.bin

  • Size

    1.2MB

  • Sample

    230505-x132lsgh48

  • MD5

    578b1a6dbfb00cb21174e577ae62fbde

  • SHA1

    1e0d0c95956eda5bf9e2d5180020cfc6e4cca573

  • SHA256

    bf124e355544b5e0394472828570f72660715331a2734386e9a63926d00b9151

  • SHA512

    4c307680351eb682ec6244442065900cc60d8af92ab0d6d77fe6741f6ef2f04f9339aacefbe0d353859befbfbcd43d81ccad78492b5c183d1501084d77bf9e5b

  • SSDEEP

    24576:Zj3DX6L44JAoqyf2Bh1F/tSs8mL2U7wucjiw017bw1xq9poyMmem:Zj76L+oqyf2Bl/ksdr754iw017bmw

Targets

    • Target

      bf124e355544b5e0394472828570f72660715331a2734386e9a63926d00b9151.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
