Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f9331b1563d414437c218d9af56e1d6a7e1903b2e8e5d32f20ced61254c0601f.bin
-
Size
1.2MB
-
Sample
230505-zcltjadd87
-
MD5
ffb6bc29fe1a2b1347a302e3587dff19
-
SHA1
ef527cb80e691e5a51da552fd7e334032f309421
-
SHA256
f9331b1563d414437c218d9af56e1d6a7e1903b2e8e5d32f20ced61254c0601f
-
SHA512
f1239c70d4d2726b63a72a36c1a3da63d4f8a1998261e1c78aa7b587a88a960850b086601d1e2043e00066e7aff800dc6c6eca460b70b313363c4d0ecc164bf6
-
SSDEEP
24576:Fj3DX6L44JAoqyf2Bh1F/tSs8mL2U7wucjiw017bw1xq9poyMmem:Fj76L+oqyf2Bl/ksdr754iw017bmw
Static task
static1
Behavioral task
behavioral1
Sample
f9331b1563d414437c218d9af56e1d6a7e1903b2e8e5d32f20ced61254c0601f.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
f9331b1563d414437c218d9af56e1d6a7e1903b2e8e5d32f20ced61254c0601f.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
f9331b1563d414437c218d9af56e1d6a7e1903b2e8e5d32f20ced61254c0601f.bin
-
Size
1.2MB
-
MD5
ffb6bc29fe1a2b1347a302e3587dff19
-
SHA1
ef527cb80e691e5a51da552fd7e334032f309421
-
SHA256
f9331b1563d414437c218d9af56e1d6a7e1903b2e8e5d32f20ced61254c0601f
-
SHA512
f1239c70d4d2726b63a72a36c1a3da63d4f8a1998261e1c78aa7b587a88a960850b086601d1e2043e00066e7aff800dc6c6eca460b70b313363c4d0ecc164bf6
-
SSDEEP
24576:Fj3DX6L44JAoqyf2Bh1F/tSs8mL2U7wucjiw017bw1xq9poyMmem:Fj76L+oqyf2Bl/ksdr754iw017bmw
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-