General

  • Target

    b1d4d450fcaf454b68f0774bc97a6d03efb606d8df4e8ae5a4d8a97a0de21257.bin

  • Size

    612KB

  • Sample

    230505-xq78ksaa5t

  • MD5

    612f4040afe23ac58d15457210cdb6a2

  • SHA1

    729167244b6b37c216691587d28c56c74e3bb0bc

  • SHA256

    b1d4d450fcaf454b68f0774bc97a6d03efb606d8df4e8ae5a4d8a97a0de21257

  • SHA512

    727917efb2d827b9bcdde2136da6735b41762699c2b4a033d53700cdd5a3ef0bd29e051fa2250117af064e32ee405b6481b8437362a27cdc931ce0724481dc46

  • SSDEEP

    12288:Cy90jRTJOX3Umld8k3yjlmbMdelZIqNPORukFYS15qUHh:Cy4RTJOnH3KgbMyfNPoukF7Hh

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks