General

  • Target

    ece1d8ae55e1009cd2077b5ce974e67472b707a9d0dd53013c8521d64198cbd1.bin

  • Size

    694KB

  • Sample

    230505-y5ltkaeg4y

  • MD5

    596c660def1a7e6df555c1966dc7bc89

  • SHA1

    1a40868b4009ecc22041397333307979cf0384de

  • SHA256

    ece1d8ae55e1009cd2077b5ce974e67472b707a9d0dd53013c8521d64198cbd1

  • SHA512

    0d0e71d4f9d30ff263fcfd75e9b13355a808a28a9bae0b640ad48a159f0e7f73abcd16cbc1b82c27f0165124699e5771bd2dd9d4bf13cfde6ad2327a2a16ca8c

  • SSDEEP

    12288:Wy90byBu1UQeU4ab+6BC8rgHRyKzbqLDZLS+WmjXrwQey59UZ0ysw5MJT7o+:Wy901QmK6wCYQKCsojbwQYPslo+

Malware Config

Targets

    • Target

      ece1d8ae55e1009cd2077b5ce974e67472b707a9d0dd53013c8521d64198cbd1.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
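
The two behavioural signatures above ("Modifies Windows Defender Real-time Protection settings" and "Adds Run key to start application") are the ones an analyst most often needs to reproduce outside the sandbox. The following is an added example, not tria.ge's own detection logic and not code from the sample: it runs a minimal version of both checks over a few constructed Sysmon Event ID 13 (RegistryEvent SetValue) style lines. The report does not say which registry values this sample wrote, so the Defender policy values and the Run/RunOnce key locations used here are assumptions taken from the standard Windows locations, and the image paths and SID in the sample lines are made up.

```python
import re

# Defender policy key and the values that, when set to 1, switch a real-time
# protection component off.  Assumed set; the report lists no specific values.
DEFENDER_RTP_KEY = (
    r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection"
)
DEFENDER_TAMPER_VALUES = {
    "disablerealtimemonitoring",
    "disablebehaviormonitoring",
    "disableonaccessprotection",
    "disablescanonrealtimeenable",
    "disableioavprotection",
}

# Per-user (HKCU or HKU\<SID>, as Sysmon logs it) and machine-wide autorun keys.
RUN_KEY_RE = re.compile(
    r"^(HKCU|HKLM|HKU\\[^\\]+)\\Software\\Microsoft\\Windows\\CurrentVersion"
    r"\\(Run|RunOnce)$",
    re.IGNORECASE,
)

# Sysmon renders REG_DWORD data as "DWORD (0x00000001)".
DWORD_RE = re.compile(r"DWORD \((0x[0-9A-Fa-f]{8})\)")


def parse_event(line):
    """Split one 'Name: value|Name: value' registry SetValue line into a dict."""
    fields = {}
    for part in line.strip().split("|"):
        name, sep, value = part.partition(": ")  # first ': ' only; paths keep 'C:\'
        if sep:
            fields[name.strip()] = value.strip()
    return fields


def dword(details):
    """Return the integer behind a 'DWORD (0x........)' Details field, else None."""
    m = DWORD_RE.search(details)
    return int(m.group(1), 16) if m else None


def classify(event):
    """Return the report signature names a single registry write triggers."""
    key, _, value_name = event.get("TargetObject", "").rpartition("\\")
    hits = []
    # Only a write of 1 disables protection; a write of 0 re-enables it.
    if (key.lower() == DEFENDER_RTP_KEY.lower()
            and value_name.lower() in DEFENDER_TAMPER_VALUES
            and dword(event.get("Details", "")) == 1):
        hits.append("Modifies Windows Defender Real-time Protection settings")
    # Any value created directly under Run/RunOnce is an autostart entry.
    if RUN_KEY_RE.match(key):
        hits.append("Adds Run key to start application")
    return hits


def scan(lines):
    """Map each triggered signature to the set of images (processes) responsible."""
    findings = {}
    for line in lines:
        event = parse_event(line)
        for sig in classify(event):
            findings.setdefault(sig, set()).add(event.get("Image", "?"))
    return findings


# Constructed sample events (not taken from the report); fields mirror Sysmon's.
SAMPLE_EVENTS = [
    # Defender tamper: DisableRealtimeMonitoring set to 1.
    r"EventID: 13|Image: C:\Users\user\Desktop\sample.exe"
    r"|TargetObject: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender"
    r"\Real-Time Protection\DisableRealtimeMonitoring"
    r"|Details: DWORD (0x00000001)",
    # Persistence: a dropped executable registered under the user's Run key.
    r"EventID: 13|Image: C:\Users\user\Desktop\sample.exe"
    r"|TargetObject: HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft"
    r"\Windows\CurrentVersion\Run\WindowsUpdate"
    r"|Details: C:\Users\user\AppData\Roaming\svc.exe",
    # Same Defender value written back to 0: not tampering, no hit.
    r"EventID: 13|Image: C:\Windows\System32\svchost.exe"
    r"|TargetObject: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender"
    r"\Real-Time Protection\DisableRealtimeMonitoring"
    r"|Details: DWORD (0x00000000)",
    # Unrelated Explorer preference write: no hit.
    r"EventID: 13|Image: C:\Windows\explorer.exe"
    r"|TargetObject: HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft"
    r"\Windows\CurrentVersion\Explorer\Advanced\Hidden"
    r"|Details: DWORD (0x00000002)",
]

if __name__ == "__main__":
    for sig, images in scan(SAMPLE_EVENTS).items():
        print(f"{sig}: {', '.join(sorted(images))}")
```

The check deliberately keys on the policy path under HKLM\SOFTWARE\Policies rather than the Defender service's own keys, because that is where a local tampering write lands when the attacker has no tamper-protection bypass; a production rule would also want the "Real-Time Protection" subkey creation itself and the corresponding `Set-MpPreference` calls.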

MITRE ATT&CK Enterprise v6

Tasks