Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    ca06eb5f0ee2d47208441fad60a481705f51ddbffa51a5a1b982b3dddc43f50a.bin

  • Size

    1.2MB

  • Sample

    230505-yamglshg49

  • MD5

    d1d0ccd9c3c421aaeeadcbc0aaa99818

  • SHA1

    4152e1f2e476da9220539114764f4d5c7f8a5c2b

  • SHA256

    ca06eb5f0ee2d47208441fad60a481705f51ddbffa51a5a1b982b3dddc43f50a

  • SHA512

    ef2489127dde465be219595d02b7b448fc7899b0aa8cf28328cc59b17fe7a8cec2a35186519675f02621049e20cdedb3eae6691a129db9c1206a9c2f61487618

  • SSDEEP

    24576:VCbht9y/vN4jFVkUI4Hiew2ltipvLt87VLLLVxCwaUdw578ObN/4SYrnP4uO:VCz9uyy4Hrw2lt2CxxCwbdw57fQSG

Malware Config

Targets

    • Target

      ca06eb5f0ee2d47208441fad60a481705f51ddbffa51a5a1b982b3dddc43f50a.bin

    • Size

      1.2MB

    • MD5

      d1d0ccd9c3c421aaeeadcbc0aaa99818

    • SHA1

      4152e1f2e476da9220539114764f4d5c7f8a5c2b

    • SHA256

      ca06eb5f0ee2d47208441fad60a481705f51ddbffa51a5a1b982b3dddc43f50a

    • SHA512

      ef2489127dde465be219595d02b7b448fc7899b0aa8cf28328cc59b17fe7a8cec2a35186519675f02621049e20cdedb3eae6691a129db9c1206a9c2f61487618

    • SSDEEP

      24576:VCbht9y/vN4jFVkUI4Hiew2ltipvLt87VLLLVxCwaUdw578ObN/4SYrnP4uO:VCz9uyy4Hrw2lt2CxxCwbdw57fQSG

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.