General
Target: fb14cf3dd84d331ed72129de2a093f16.bin.bin
Size: 1004KB
Sample: 230505-zdqh4sde78
MD5: 681ad664d5c658ae6db9dfb0a4521a01
SHA1: d07a0fb11421c260d7d0075e613bc65839956404
SHA256: ab409ce8637bb2fc4dbbf909af3bd9b236272448b6d5e28d8ceb197a10d173bd
SHA512: cb099a5dd741b4779cedb6abb4fe15fc9aafc8c0c5ba7a36f94cd182fd2976a51dbf076229cdda4a0f25103977412826b1c29b1343a137b7caf9a789750510b5
SSDEEP: 24576:rd9xHbXRn0Fy95u2KebqHNQl2DzTuo3cTEayKVb1:xvRnrZClDuGHKv
Static task: static1
Behavioral task: behavioral1
Sample: ea07b2d53fa8793d39a63f4f787e3951cf3eb9fab05cc5a2b5cd3e303c241c10.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: ea07b2d53fa8793d39a63f4f787e3951cf3eb9fab05cc5a2b5cd3e303c241c10.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: ea07b2d53fa8793d39a63f4f787e3951cf3eb9fab05cc5a2b5cd3e303c241c10.exe
Size: 1.0MB
MD5: fb14cf3dd84d331ed72129de2a093f16
SHA1: 5cddc307f102158e0a091b2fa38bc64fa4c09fd8
SHA256: ea07b2d53fa8793d39a63f4f787e3951cf3eb9fab05cc5a2b5cd3e303c241c10
SHA512: bd19a4989dea36fc0d82d8236c5bf550c8238d6dc918ec7d3448a3c181cd35df7239e1d5dc0052e089976086698e42f2340edf4b159d4f3e3bca127befe1d226
SSDEEP: 24576:Hy8NLbMkSWsyEPh9NDRtC26hSW7jvFnyn:S8NLbMkjEZ9N7C26sWdy
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Executes dropped EXE
Loads dropped DLL
Adds Run key to start application