General

  • Target: c1632a93dc892ed28ae8861398f25db3b117c843864581eeba25ef29267cee09.bin
  • Size: 695KB
  • Sample: 230505-x41ewshb24
  • MD5: 2b33a0ff9afe21bba8070386738dd9a1
  • SHA1: 36853c50dc3d9498f2c989f12d11688555e72b29
  • SHA256: c1632a93dc892ed28ae8861398f25db3b117c843864581eeba25ef29267cee09
  • SHA512: f3bd20a5bef7984eb95475ceab8c74b4e721026e22cdb5dc93db62c102c4edccafa61bb9fdf22ed97f6d8cc8d24c50bfe8e3f9ac82ff0a70fb191a0be34a1056
  • SSDEEP: 12288:ey90tiWyrr2PoTl/Y7TfZdkpD1K4M0QNi8/4PTZdoXfwQ1yiZUDZf7Wg:eyYyPRyfZ2w0Q9QPTzovwQOgg

Malware Config

Targets

    • Detects Redline Stealer samples: this rule detects the presence of RedLine Stealer samples based on their unique strings.
    • Modifies Windows Defender Real-time Protection settings
    • RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • Executes dropped EXE
    • Loads dropped DLL
    • Windows security modification
    • Adds Run key to start application