General
-
Target
eb25cff6454d8963f370a9627c8b4681321ad1c69562d69e5dc80c1d3739e6e7.bin
-
Size
1.2MB
-
Sample
230505-y4jmtaef2v
-
MD5
baa71bea455637ff1847be0a00181ede
-
SHA1
bc90ed631dab16f964e183278a9628714f7c1c16
-
SHA256
eb25cff6454d8963f370a9627c8b4681321ad1c69562d69e5dc80c1d3739e6e7
-
SHA512
00ca8e591646778741981c3fe8e17ae5d9f2f0dc146c979c2f8f542e2fa5ca9453b6ce384379b635c88058e856b778223aa11e48786e2498d1c1d1994edf90d0
-
SSDEEP
24576:EDTWYG5l2s+JcVCjiT/r0PTcuGzPP5lMcvBxenYLi1OuheoxY7qYV2GSBm:EDpG5wcVCjiTDbb35G0BjiUuh7xXw2L
Static task
static1
Behavioral task
behavioral1
Sample
eb25cff6454d8963f370a9627c8b4681321ad1c69562d69e5dc80c1d3739e6e7.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
eb25cff6454d8963f370a9627c8b4681321ad1c69562d69e5dc80c1d3739e6e7.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
Target
eb25cff6454d8963f370a9627c8b4681321ad1c69562d69e5dc80c1d3739e6e7.bin
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application