Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    d8f33974c674d3728a993226147d9c07f18e1df1ac466df9da2f0ef21cc1cbf5

  • Size

    707KB

  • Sample

    230505-ymwk2sah67

  • MD5

    7942df7c711f153b096e16f2b5358552

  • SHA1

    04d08b5ac2b32e95a0667e07e92714e1f1801d80

  • SHA256

    d8f33974c674d3728a993226147d9c07f18e1df1ac466df9da2f0ef21cc1cbf5

  • SHA512

    3766c0b59c99941c8630addec60f87087dd80cdccc0c5eef0ff7f05256aa51e7c815ab4ff46033bd81741251872afa7a97a835ba485934fa83d5fcea58f79010

  • SSDEEP

    12288:3Mr/y90CR9ShuaUzHMpye91c/pYhy0cBOvMccLoZY/AQKMGDg5x2PX2qGWp:8yfR9ShTCsj91YyhyZE6oqoF5MOv2qd

Malware Config

Targets

    • Target

      d8f33974c674d3728a993226147d9c07f18e1df1ac466df9da2f0ef21cc1cbf5

    • Size

      707KB

    • MD5

      7942df7c711f153b096e16f2b5358552

    • SHA1

      04d08b5ac2b32e95a0667e07e92714e1f1801d80

    • SHA256

      d8f33974c674d3728a993226147d9c07f18e1df1ac466df9da2f0ef21cc1cbf5

    • SHA512

      3766c0b59c99941c8630addec60f87087dd80cdccc0c5eef0ff7f05256aa51e7c815ab4ff46033bd81741251872afa7a97a835ba485934fa83d5fcea58f79010

    • SSDEEP

      12288:3Mr/y90CR9ShuaUzHMpye91c/pYhy0cBOvMccLoZY/AQKMGDg5x2PX2qGWp:8yfR9ShTCsj91YyhyZE6oqoF5MOv2qd

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Windows security modification

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks