General
-
Target
9c402d7800caa2f7a12f45b394104d7dc486461da0fdd1aa1c15614af5b0f68d.bin
-
Size
1.2MB
-
Sample
230505-xa54aaeb99
-
MD5
2ec8cff83c3b4f6f0c0268c5659278b7
-
SHA1
465d11633755715d8d1fbac110eea6f78d88a189
-
SHA256
9c402d7800caa2f7a12f45b394104d7dc486461da0fdd1aa1c15614af5b0f68d
-
SHA512
a8ef1e0b9741f8570f43ab420e136ba2b9250964d2a80a949ef73a16daf8004b06dd846f5e099a5aaeb0d70f203166043197335774563cf7ff98d31107addb66
-
SSDEEP
24576:cDTWYG5l2s+JcVCjiT/r0PTcuGzPP5lMcvBxenYLi1OuheoxY7qYV2GSBm:cDpG5wcVCjiTDbb35G0BjiUuh7xXw2L
Static task
static1
Behavioral task
behavioral1
Sample
9c402d7800caa2f7a12f45b394104d7dc486461da0fdd1aa1c15614af5b0f68d.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
9c402d7800caa2f7a12f45b394104d7dc486461da0fdd1aa1c15614af5b0f68d.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
9c402d7800caa2f7a12f45b394104d7dc486461da0fdd1aa1c15614af5b0f68d.bin
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-