Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c1632a93dc892ed28ae8861398f25db3b117c843864581eeba25ef29267cee09.bin
-
Size
695KB
-
Sample
230505-x41ewshb24
-
MD5
2b33a0ff9afe21bba8070386738dd9a1
-
SHA1
36853c50dc3d9498f2c989f12d11688555e72b29
-
SHA256
c1632a93dc892ed28ae8861398f25db3b117c843864581eeba25ef29267cee09
-
SHA512
f3bd20a5bef7984eb95475ceab8c74b4e721026e22cdb5dc93db62c102c4edccafa61bb9fdf22ed97f6d8cc8d24c50bfe8e3f9ac82ff0a70fb191a0be34a1056
-
SSDEEP
12288:ey90tiWyrr2PoTl/Y7TfZdkpD1K4M0QNi8/4PTZdoXfwQ1yiZUDZf7Wg:eyYyPRyfZ2w0Q9QPTzovwQOgg
Static task
static1
Behavioral task
behavioral1
Sample
c1632a93dc892ed28ae8861398f25db3b117c843864581eeba25ef29267cee09.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
c1632a93dc892ed28ae8861398f25db3b117c843864581eeba25ef29267cee09.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
c1632a93dc892ed28ae8861398f25db3b117c843864581eeba25ef29267cee09.bin
-
Size
695KB
-
MD5
2b33a0ff9afe21bba8070386738dd9a1
-
SHA1
36853c50dc3d9498f2c989f12d11688555e72b29
-
SHA256
c1632a93dc892ed28ae8861398f25db3b117c843864581eeba25ef29267cee09
-
SHA512
f3bd20a5bef7984eb95475ceab8c74b4e721026e22cdb5dc93db62c102c4edccafa61bb9fdf22ed97f6d8cc8d24c50bfe8e3f9ac82ff0a70fb191a0be34a1056
-
SSDEEP
12288:ey90tiWyrr2PoTl/Y7TfZdkpD1K4M0QNi8/4PTZdoXfwQ1yiZUDZf7Wg:eyYyPRyfZ2w0Q9QPTzovwQOgg
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-