Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b7ff613d7cb7771d2b00757cd79a0cf2894bb9d73ee91532912758282843d62d.bin
-
Size
1.1MB
-
Sample
230505-xvx86sgc73
-
MD5
c097c4b43432fcecbcb01709e64b85d9
-
SHA1
33ac96a6ce12c375fea3709b874e97ce19f6c5aa
-
SHA256
b7ff613d7cb7771d2b00757cd79a0cf2894bb9d73ee91532912758282843d62d
-
SHA512
c98b7328872c71b7038248c21ff538155f893ec9a4b66cd997e26b430424ef69a9e5a7683e57624791f02cd0378adb3f631440f90ead1122ac119e47270c71a4
-
SSDEEP
24576:KyQuROkmQEe+omCvUPHd2LdKbGdiY6F0L8bSjAGmf:RQuwJxe+oTUV2LG9P0QmkGm
Static task
static1
Behavioral task
behavioral1
Sample
b7ff613d7cb7771d2b00757cd79a0cf2894bb9d73ee91532912758282843d62d.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
b7ff613d7cb7771d2b00757cd79a0cf2894bb9d73ee91532912758282843d62d.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
b7ff613d7cb7771d2b00757cd79a0cf2894bb9d73ee91532912758282843d62d.bin
-
Size
1.1MB
-
MD5
c097c4b43432fcecbcb01709e64b85d9
-
SHA1
33ac96a6ce12c375fea3709b874e97ce19f6c5aa
-
SHA256
b7ff613d7cb7771d2b00757cd79a0cf2894bb9d73ee91532912758282843d62d
-
SHA512
c98b7328872c71b7038248c21ff538155f893ec9a4b66cd997e26b430424ef69a9e5a7683e57624791f02cd0378adb3f631440f90ead1122ac119e47270c71a4
-
SSDEEP
24576:KyQuROkmQEe+omCvUPHd2LdKbGdiY6F0L8bSjAGmf:RQuwJxe+oTUV2LG9P0QmkGm
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-