Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
Target: 9fa7b13610b981c7cd872e514c3e930df25002eab3ee5c4e9c744d2995e9b785
Size: 1.1MB
Sample: 230505-xda3baee29
MD5: 78759a370d9984c95c657c515369afb6
SHA1: bd2239398fc00e030df52bd235e5cc2d220bd742
SHA256: 9fa7b13610b981c7cd872e514c3e930df25002eab3ee5c4e9c744d2995e9b785
SHA512: c31446fc19b703bad33d35b825f82d5f3c9321fca6edffc36efc9aa81efbe306d4746c16c3927604db9b68f924b9f95a3682cbd3ada1af360a26063e92e19281
SSDEEP: 24576:cy4ZlrwSR0Y397zpteD91pZAcEFtqWvduVlD3e1YgFB9Ud6zZmSM:L6lrwSR0Y39npID91pZOqWFuHD3+FB9n
Static task: static1
Behavioral task: behavioral1
  Sample: 9fa7b13610b981c7cd872e514c3e930df25002eab3ee5c4e9c744d2995e9b785.exe
  Resource: win7-20230220-en
Behavioral task: behavioral2
  Sample: 9fa7b13610b981c7cd872e514c3e930df25002eab3ee5c4e9c744d2995e9b785.exe
  Resource: win10v2004-20230221-en
Malware Config
Targets
- Target: 9fa7b13610b981c7cd872e514c3e930df25002eab3ee5c4e9c744d2995e9b785
  Size: 1.1MB
  MD5: 78759a370d9984c95c657c515369afb6
  SHA1: bd2239398fc00e030df52bd235e5cc2d220bd742
  SHA256: 9fa7b13610b981c7cd872e514c3e930df25002eab3ee5c4e9c744d2995e9b785
  SHA512: c31446fc19b703bad33d35b825f82d5f3c9321fca6edffc36efc9aa81efbe306d4746c16c3927604db9b68f924b9f95a3682cbd3ada1af360a26063e92e19281
  SSDEEP: 24576:cy4ZlrwSR0Y397zpteD91pZAcEFtqWvduVlD3e1YgFB9Ud6zZmSM:L6lrwSR0Y39npID91pZOqWFuHD3+FB9n
- Detects Redline Stealer samples: This rule detects the presence of Redline Stealer samples based on their unique strings.
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Loads dropped DLL
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.