General
Target: ece1d8ae55e1009cd2077b5ce974e67472b707a9d0dd53013c8521d64198cbd1.bin
Size: 694KB
Sample: 230505-y5ltkaeg4y
MD5: 596c660def1a7e6df555c1966dc7bc89
SHA1: 1a40868b4009ecc22041397333307979cf0384de
SHA256: ece1d8ae55e1009cd2077b5ce974e67472b707a9d0dd53013c8521d64198cbd1
SHA512: 0d0e71d4f9d30ff263fcfd75e9b13355a808a28a9bae0b640ad48a159f0e7f73abcd16cbc1b82c27f0165124699e5771bd2dd9d4bf13cfde6ad2327a2a16ca8c
SSDEEP: 12288:Wy90byBu1UQeU4ab+6BC8rgHRyKzbqLDZLS+WmjXrwQey59UZ0ysw5MJT7o+:Wy901QmK6wCYQKCsojbwQYPslo+
Static task: static1
Behavioral task: behavioral1
Sample: ece1d8ae55e1009cd2077b5ce974e67472b707a9d0dd53013c8521d64198cbd1.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: ece1d8ae55e1009cd2077b5ce974e67472b707a9d0dd53013c8521d64198cbd1.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target
ece1d8ae55e1009cd2077b5ce974e67472b707a9d0dd53013c8521d64198cbd1.bin
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-