General
Target: d0aa3df71a9943907e9ef016c47d2133690c60c0f8323518bd779c0802577cb9.bin
Size: 697KB
Sample: 230505-ygy4zscd7z
MD5: c6cffa513a9f7eaab59a15c8595e276c
SHA1: 952b4069097235d093c3f4a5f91735017bac7811
SHA256: d0aa3df71a9943907e9ef016c47d2133690c60c0f8323518bd779c0802577cb9
SHA512: b1e96465b65a79f482a69d58544cecd355aebc32903c9c6d0cc9c72050fad2208241e740d0049f238a50fb0572abf6d79f27fce6c33878d8f3634a25f26b599a
SSDEEP: 12288:sy90jkqwaRC8pmGmnXQxywvAjeZjxz9Bm2cJNIE2V7tNHSWa1c6k:symsawTGmXQxyLAjM2uS/Rh8c6k
Static task: static1
Behavioral task: behavioral1
Sample: d0aa3df71a9943907e9ef016c47d2133690c60c0f8323518bd779c0802577cb9.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: d0aa3df71a9943907e9ef016c47d2133690c60c0f8323518bd779c0802577cb9.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-