General

  • Target: 60f0eacad39965e557bbe7895b8bc2c5f89456493ab244caabf6e2f564b1f6ae.bin

  • Size: 1.2MB

  • Sample: 230506-14aq1sbc29

  • MD5: bf2e7dee400a36ac0aab89fccb7ae39b

  • SHA1: 74793c41e1887023acbdfbc5b6e8ce74484a4296

  • SHA256: 60f0eacad39965e557bbe7895b8bc2c5f89456493ab244caabf6e2f564b1f6ae

  • SHA512: 077a216750c9a1888dc8fbbf0d2404c9b22f1b0a530e374370a6d3803ddddc3116f71f7d40a2cb4ee11798a422d235d26d7ba63b98a7d007ff77917aab399981

  • SSDEEP: 24576:GGxKz+TDUpS+Nmj4NGQpy6X6yzjKdFuU40KUcDL0lNp/bPm:GGMOKSUDNGQp9qKqFR4JUcDLqNp/b

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks