Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ad10f76874450aa585365f1e05d3bc1e5df88c5b61696c8a5523931acaee7d7a.bin
-
Size
1.1MB
-
Sample
230505-xl5a5afe23
-
MD5
6fc5f258dc77328b2a33ae3c6903c3c0
-
SHA1
66a45543debc494105453aa99e3aeaf915e53a8e
-
SHA256
ad10f76874450aa585365f1e05d3bc1e5df88c5b61696c8a5523931acaee7d7a
-
SHA512
43796fce34dca8073a493278be4c58b3294798df4e77dd32194fe8849eae49b819c58494aa17d74595c6d66ef9fbc754002d8fccce8f5a37998e5115e8269388
-
SSDEEP
24576:MyczIuAs0JQ3wxEKBq4P+B+r3/u69zOsHxZbILtt:7qAVQ3ZKB70+zm69zRbYt
Static task
static1
Behavioral task
behavioral1
Sample
ad10f76874450aa585365f1e05d3bc1e5df88c5b61696c8a5523931acaee7d7a.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
ad10f76874450aa585365f1e05d3bc1e5df88c5b61696c8a5523931acaee7d7a.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
ad10f76874450aa585365f1e05d3bc1e5df88c5b61696c8a5523931acaee7d7a.bin
-
Size
1.1MB
-
MD5
6fc5f258dc77328b2a33ae3c6903c3c0
-
SHA1
66a45543debc494105453aa99e3aeaf915e53a8e
-
SHA256
ad10f76874450aa585365f1e05d3bc1e5df88c5b61696c8a5523931acaee7d7a
-
SHA512
43796fce34dca8073a493278be4c58b3294798df4e77dd32194fe8849eae49b819c58494aa17d74595c6d66ef9fbc754002d8fccce8f5a37998e5115e8269388
-
SSDEEP
24576:MyczIuAs0JQ3wxEKBq4P+B+r3/u69zOsHxZbILtt:7qAVQ3ZKB70+zm69zRbYt
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-