Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    9c402d7800caa2f7a12f45b394104d7dc486461da0fdd1aa1c15614af5b0f68d.bin

  • Size

    1.2MB

  • Sample

    230505-xa54aaeb99

  • MD5

    2ec8cff83c3b4f6f0c0268c5659278b7

  • SHA1

    465d11633755715d8d1fbac110eea6f78d88a189

  • SHA256

    9c402d7800caa2f7a12f45b394104d7dc486461da0fdd1aa1c15614af5b0f68d

  • SHA512

    a8ef1e0b9741f8570f43ab420e136ba2b9250964d2a80a949ef73a16daf8004b06dd846f5e099a5aaeb0d70f203166043197335774563cf7ff98d31107addb66

  • SSDEEP

    24576:cDTWYG5l2s+JcVCjiT/r0PTcuGzPP5lMcvBxenYLi1OuheoxY7qYV2GSBm:cDpG5wcVCjiTDbb35G0BjiUuh7xXw2L

Malware Config

Targets

    • Target

      9c402d7800caa2f7a12f45b394104d7dc486461da0fdd1aa1c15614af5b0f68d.bin

    • Size

      1.2MB

    • MD5

      2ec8cff83c3b4f6f0c0268c5659278b7

    • SHA1

      465d11633755715d8d1fbac110eea6f78d88a189

    • SHA256

      9c402d7800caa2f7a12f45b394104d7dc486461da0fdd1aa1c15614af5b0f68d

    • SHA512

      a8ef1e0b9741f8570f43ab420e136ba2b9250964d2a80a949ef73a16daf8004b06dd846f5e099a5aaeb0d70f203166043197335774563cf7ff98d31107addb66

    • SSDEEP

      24576:cDTWYG5l2s+JcVCjiT/r0PTcuGzPP5lMcvBxenYLi1OuheoxY7qYV2GSBm:cDpG5wcVCjiTDbb35G0BjiUuh7xXw2L

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks