Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e5627dba8f724127dba9fd4f9eaf7b8184a8c47a50fd0ab704444211cfe271fa
-
Size
375KB
-
Sample
230505-yyxmgseb2x
-
MD5
1eb2081b940b6f6f8f407caa3b6daca0
-
SHA1
b5d31bf62470d8efd0aaed7ff6f239b5ae772a1d
-
SHA256
e5627dba8f724127dba9fd4f9eaf7b8184a8c47a50fd0ab704444211cfe271fa
-
SHA512
9fbceffe765ad65f0a1c7cf42dc433f68670c4b3616772bc2788888d0cb495fe9b1d777c48641f820575966382a6bcf47e65d27740bbcae4528b3f9443fe1a4e
-
SSDEEP
6144:bBKIS3KjvSnRClKeGG6qHrZjr9YInIvdMHZGg3+KH4DFX:bBZS6jvSnVeJ6oNr9YIq+5B+m
Static task
static1
Behavioral task
behavioral1
Sample
e5627dba8f724127dba9fd4f9eaf7b8184a8c47a50fd0ab704444211cfe271fa.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
e5627dba8f724127dba9fd4f9eaf7b8184a8c47a50fd0ab704444211cfe271fa.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
e5627dba8f724127dba9fd4f9eaf7b8184a8c47a50fd0ab704444211cfe271fa
-
Size
375KB
-
MD5
1eb2081b940b6f6f8f407caa3b6daca0
-
SHA1
b5d31bf62470d8efd0aaed7ff6f239b5ae772a1d
-
SHA256
e5627dba8f724127dba9fd4f9eaf7b8184a8c47a50fd0ab704444211cfe271fa
-
SHA512
9fbceffe765ad65f0a1c7cf42dc433f68670c4b3616772bc2788888d0cb495fe9b1d777c48641f820575966382a6bcf47e65d27740bbcae4528b3f9443fe1a4e
-
SSDEEP
6144:bBKIS3KjvSnRClKeGG6qHrZjr9YInIvdMHZGg3+KH4DFX:bBZS6jvSnVeJ6oNr9YIq+5B+m
Score10/10-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-