General

  • Target

    eb25cff6454d8963f370a9627c8b4681321ad1c69562d69e5dc80c1d3739e6e7.bin

  • Size

    1.2MB

  • Sample

    230505-y4jmtaef2v

  • MD5

    baa71bea455637ff1847be0a00181ede

  • SHA1

    bc90ed631dab16f964e183278a9628714f7c1c16

  • SHA256

    eb25cff6454d8963f370a9627c8b4681321ad1c69562d69e5dc80c1d3739e6e7

  • SHA512

    00ca8e591646778741981c3fe8e17ae5d9f2f0dc146c979c2f8f542e2fa5ca9453b6ce384379b635c88058e856b778223aa11e48786e2498d1c1d1994edf90d0

  • SSDEEP

    24576:EDTWYG5l2s+JcVCjiT/r0PTcuGzPP5lMcvBxenYLi1OuheoxY7qYV2GSBm:EDpG5wcVCjiTDbb35G0BjiUuh7xXw2L

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
