General
Target: a3fa82924044e101e9afaed43d9fd6dc242a12fabbb60296cd8f231846578566
Size: 1.5MB
Sample: 230505-xflxlaeg83
MD5: c1ad9354ae7e8a733f9c12643554ed1c
SHA1: 419dc90e728e5fea52f28e5c5541873cb83b136f
SHA256: a3fa82924044e101e9afaed43d9fd6dc242a12fabbb60296cd8f231846578566
SHA512: 109e3090fb032c1ddd96ca705932b6fa73209a642fb5fada0b27ab9ede394f5b17bde4874da844f96456c8f53b590fa221b393692c671eb11c8c80734a64cb4d
SSDEEP: 49152:wL7b0i7Re4pCcKBuQeTZNxAbkOSqfnuATv0:2b0V4p/26T6bjPu7
Static task: static1
Behavioral task: behavioral1
Sample: a3fa82924044e101e9afaed43d9fd6dc242a12fabbb60296cd8f231846578566.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: a3fa82924044e101e9afaed43d9fd6dc242a12fabbb60296cd8f231846578566.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
redline
maxbi
185.161.248.73:4164
auth_value: 6aa7dba884fe45693dfa04c91440daef
Targets
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application