General

  • Target

    62296e17676fde6b04b34e0869de6989441fd00612bf82b33a8901c17dab45ef.bin

  • Size

    658KB

  • Sample

    230506-144zvsbd24

  • MD5

    35d203ab2a0a3502327375f6ede3a65d

  • SHA1

    2045b59154c4fd49f21b6e207e4aa98af5307257

  • SHA256

    62296e17676fde6b04b34e0869de6989441fd00612bf82b33a8901c17dab45ef

  • SHA512

    7ab2c037b2eac39407e3ab8252b5b0dbd6872f1ec4dd1eba7446dd67946061559580ff40d672c0c34dfe546b6439b585f691d5cc853aa6a11620b621e18c97a0

  • SSDEEP

    12288:qy90B/epx5o3sCqtPoZuXbzgrdrgePDgbN:qylL5o3bqtPbqdskDK

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
