General
Target: 60030ecc6b5fd606c7f00bdbceb76de28a8f554e6ab1836fc3f58d86d7ad8b39.bin
Size: 691KB
Sample: 230506-13lrwsch8y
MD5: 7c3275409a3c421c4c64c84557d0369e
SHA1: 040731069fd061021fd8b3a0cb0531eed1824492
SHA256: 60030ecc6b5fd606c7f00bdbceb76de28a8f554e6ab1836fc3f58d86d7ad8b39
SHA512: 0e12ae1e1c7c8a3bd040ab215d6a4129898b8a356981a68e808bed17ad101c821bba6fcc5a1295d2b89a2fde2282542b633f062ea309b578268d24a47da0ab80
SSDEEP: 12288:Dy90PWUJi5+BLKRv4AdCYcmrIlzyesue2Q7wVgANBZSSr4b5PKq:DyQWZyk4XtJyxt2iANeSkb5Pd
Static task: static1
Behavioral task: behavioral1
Sample: 60030ecc6b5fd606c7f00bdbceb76de28a8f554e6ab1836fc3f58d86d7ad8b39.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 60030ecc6b5fd606c7f00bdbceb76de28a8f554e6ab1836fc3f58d86d7ad8b39.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-