General

  • Target

    b684daa3c34aa840255d46d1ba002519587e2704cca10f4aee8d8922c6860370.bin

  • Size

    1.0MB

  • Sample

    230505-xt4pkagb82

  • MD5

    e8a38a7d4ced39ff3a03fa3899919492

  • SHA1

    9422f5e17796ce68c30a58034cdd9123ae63efae

  • SHA256

    b684daa3c34aa840255d46d1ba002519587e2704cca10f4aee8d8922c6860370

  • SHA512

    d7681e83110fb36eed70143afa839058a71756be344e39cbed863795978d9ec9c05153942da88a1e66217ee99d7e2461ce5c01712851f33522212f1158ee7fa1

  • SSDEEP

    24576:kykIlFn/PC+KMWgxQIoGjqcAaOuUAnHj82GZK1GvEw:zkIXn/P3KqxQKjp7nD8o1Gv

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks