Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
ca06eb5f0ee2d47208441fad60a481705f51ddbffa51a5a1b982b3dddc43f50a.bin
-
Size
1.2MB
-
Sample
230505-yamglshg49
-
MD5
d1d0ccd9c3c421aaeeadcbc0aaa99818
-
SHA1
4152e1f2e476da9220539114764f4d5c7f8a5c2b
-
SHA256
ca06eb5f0ee2d47208441fad60a481705f51ddbffa51a5a1b982b3dddc43f50a
-
SHA512
ef2489127dde465be219595d02b7b448fc7899b0aa8cf28328cc59b17fe7a8cec2a35186519675f02621049e20cdedb3eae6691a129db9c1206a9c2f61487618
-
SSDEEP
24576:VCbht9y/vN4jFVkUI4Hiew2ltipvLt87VLLLVxCwaUdw578ObN/4SYrnP4uO:VCz9uyy4Hrw2lt2CxxCwbdw57fQSG
Malware Config
Targets
-
-
Target
ca06eb5f0ee2d47208441fad60a481705f51ddbffa51a5a1b982b3dddc43f50a.bin
-
Size
1.2MB
-
MD5
d1d0ccd9c3c421aaeeadcbc0aaa99818
-
SHA1
4152e1f2e476da9220539114764f4d5c7f8a5c2b
-
SHA256
ca06eb5f0ee2d47208441fad60a481705f51ddbffa51a5a1b982b3dddc43f50a
-
SHA512
ef2489127dde465be219595d02b7b448fc7899b0aa8cf28328cc59b17fe7a8cec2a35186519675f02621049e20cdedb3eae6691a129db9c1206a9c2f61487618
-
SSDEEP
24576:VCbht9y/vN4jFVkUI4Hiew2ltipvLt87VLLLVxCwaUdw578ObN/4SYrnP4uO:VCz9uyy4Hrw2lt2CxxCwbdw57fQSG
Score10/10-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
Modifies Windows Defender Real-time Protection settings
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-