
General

  • Target

    e5627dba8f724127dba9fd4f9eaf7b8184a8c47a50fd0ab704444211cfe271fa

  • Size

    375KB

  • Sample

    230505-yyxmgseb2x

  • MD5

    1eb2081b940b6f6f8f407caa3b6daca0

  • SHA1

    b5d31bf62470d8efd0aaed7ff6f239b5ae772a1d

  • SHA256

    e5627dba8f724127dba9fd4f9eaf7b8184a8c47a50fd0ab704444211cfe271fa

  • SHA512

    9fbceffe765ad65f0a1c7cf42dc433f68670c4b3616772bc2788888d0cb495fe9b1d777c48641f820575966382a6bcf47e65d27740bbcae4528b3f9443fe1a4e

  • SSDEEP

    6144:bBKIS3KjvSnRClKeGG6qHrZjr9YInIvdMHZGg3+KH4DFX:bBZS6jvSnVeJ6oNr9YIq+5B+m

Malware Config

Targets

    • Target

      e5627dba8f724127dba9fd4f9eaf7b8184a8c47a50fd0ab704444211cfe271fa

    • Size

      375KB

    • MD5

      1eb2081b940b6f6f8f407caa3b6daca0

    • SHA1

      b5d31bf62470d8efd0aaed7ff6f239b5ae772a1d

    • SHA256

      e5627dba8f724127dba9fd4f9eaf7b8184a8c47a50fd0ab704444211cfe271fa

    • SHA512

      9fbceffe765ad65f0a1c7cf42dc433f68670c4b3616772bc2788888d0cb495fe9b1d777c48641f820575966382a6bcf47e65d27740bbcae4528b3f9443fe1a4e

    • SSDEEP

      6144:bBKIS3KjvSnRClKeGG6qHrZjr9YInIvdMHZGg3+KH4DFX:bBZS6jvSnVeJ6oNr9YIq+5B+m

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies, session tokens and autofill data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
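
The three behavioural signatures above (browser profile reads, wallet file access, Uninstall-key enumeration) are the kind of thing a sandbox derives from recorded file and registry API calls rather than from file content. The block below is an added example of that matching logic, not tria.ge's own signature engine: the event schema, the process IDs, the paths and the API names are constructed for illustration, and the path patterns are assumptions about what such signatures look up, not a copy of any vendor's rules.

```python
"""Replay sandbox-style behaviour signatures over constructed API events.

Added example; not tria.ge code. The event dicts below are constructed
for illustration (fields, PIDs and paths are assumptions), and the regexes
are an assumed approximation of what such signatures check.
"""
import re
from collections import defaultdict

# Constructed sample events (not from the report): one record per file or
# registry access, roughly what a sandbox API monitor would log.
SAMPLE_EVENTS = [
    {"pid": 1234, "api": "RegOpenKeyExW",
     "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"pid": 1234, "api": "RegEnumKeyExW",
     "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0001}"},
    {"pid": 1234, "api": "NtCreateFile",
     "path": r"C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"pid": 1234, "api": "NtCreateFile",
     "path": r"C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\abcd.default\logins.json"},
    {"pid": 1234, "api": "NtCreateFile",
     "path": r"C:\Users\Admin\AppData\Roaming\Exodus\exodus.wallet\seed.seco"},
    {"pid": 1234, "api": "NtCreateFile",
     "path": r"C:\Users\Admin\AppData\Roaming\Electrum\wallets\default_wallet"},
    # Benign noise: a normal DLL load should fire nothing.
    {"pid": 5678, "api": "NtCreateFile",
     "path": r"C:\Windows\System32\kernel32.dll"},
]

# Signature name -> APIs it applies to and a path pattern (assumed, illustrative).
SIGNATURES = {
    "Checks installed software on the system": {
        "apis": {"RegOpenKeyExW", "RegEnumKeyExW", "RegQueryValueExW"},
        "pattern": re.compile(
            r"\\SOFTWARE\\(WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall",
            re.I),
    },
    "Reads user/profile data of web browsers": {
        "apis": {"NtCreateFile", "NtOpenFile"},
        "pattern": re.compile(
            r"\\(Chrome|Chromium|Microsoft\\Edge|BraveSoftware)\\User Data\\.*"
            r"\\(Login Data|Cookies|Web Data)$"
            r"|\\Mozilla\\Firefox\\Profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite)$",
            re.I),
    },
    "Accesses cryptocurrency files/wallets, possible credential harvesting": {
        "apis": {"NtCreateFile", "NtOpenFile"},
        "pattern": re.compile(
            r"\\(Exodus|Electrum|Ethereum|Armory|Atomic|Jaxx)\\|wallet\.dat$",
            re.I),
    },
}


def match_signatures(events):
    """Return {signature_name: [matching paths]} for every event that fires a rule.

    A rule fires only when both the API is one the rule cares about and the
    accessed path matches; a registry read of a browser path or a file read
    of the Uninstall key would not count.
    """
    hits = defaultdict(list)
    for ev in events:
        for name, sig in SIGNATURES.items():
            if ev["api"] in sig["apis"] and sig["pattern"].search(ev["path"]):
                hits[name].append(ev["path"])
    return dict(hits)


def triage_summary(events):
    """Sorted signature names that fired, i.e. the bullets a report would list."""
    return sorted(match_signatures(events))


if __name__ == "__main__":
    for name, paths in match_signatures(SAMPLE_EVENTS).items():
        print(name)
        for p in paths:
            print("   ", p)
```

Read together, these signatures are stronger than any one of them alone: legitimate installers and inventory agents also walk the Uninstall key, and a browser reading its own profile is normal, so the Uninstall-key or browser-read bullet on its own is weak evidence. It is the combination of those with wallet file access from a process that is neither a browser nor a wallet, plus the string-based RedLine rule, that supports the family verdict this report shows.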

MITRE ATT&CK Enterprise v6

Tasks