General

  • Target

    fcf6613a3454512e24632047ce20c9ad3098ac76511b2f2abc68d42c4667b0e9.bin

  • Size

    690KB

  • Sample

    230505-zenqxaga3w

  • MD5

    8cb991d44f83950d56b05c5513480254

  • SHA1

    91861e9496f01a1681d9c1239f3ac4d7803c6883

  • SHA256

    fcf6613a3454512e24632047ce20c9ad3098ac76511b2f2abc68d42c4667b0e9

  • SHA512

    75e97aa1adc0a96f21816fee16a821fbd2e10921f0a989eb509274284da2b8017758e76369829438d1e25e8bc288d1b4536c2320258c7ae5b00fe8a84eab5336

  • SSDEEP

    12288:3y90dmJsQJUcyKb+/83yb1E/VIE80qKR2ymJOD7zLSvuH:3yrOc7+QdIZk2ycO//H

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
