Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
62f7439850c1d68d34cdc7b019bbd9baa63039d973aeec1a03b2a6d7bcd1fd4a.bin
-
Size
563KB
-
Sample
230506-15ndhabd69
-
MD5
7ad5da7646f6a413bbb2ded7c00b99ac
-
SHA1
a1b68df6bcce341a31872a7a37fc831067ec1160
-
SHA256
62f7439850c1d68d34cdc7b019bbd9baa63039d973aeec1a03b2a6d7bcd1fd4a
-
SHA512
d0511489720088849febac1e392a56c5f3feac4fc846d678db9f6199a35af97f654aa59bad9c1f589bd91b90924e4c2139dc0fcaa84308a99cb2241bf15aaa29
-
SSDEEP
12288:4y905CNlruxgiOG09Zyn1mIeezU0Lb1nM9235Wlgt:4ypXruAV6n1smbLbpaJlgt
Malware Config
Targets
-
-
Target
62f7439850c1d68d34cdc7b019bbd9baa63039d973aeec1a03b2a6d7bcd1fd4a.bin
-
Size
563KB
-
MD5
7ad5da7646f6a413bbb2ded7c00b99ac
-
SHA1
a1b68df6bcce341a31872a7a37fc831067ec1160
-
SHA256
62f7439850c1d68d34cdc7b019bbd9baa63039d973aeec1a03b2a6d7bcd1fd4a
-
SHA512
d0511489720088849febac1e392a56c5f3feac4fc846d678db9f6199a35af97f654aa59bad9c1f589bd91b90924e4c2139dc0fcaa84308a99cb2241bf15aaa29
-
SSDEEP
12288:4y905CNlruxgiOG09Zyn1mIeezU0Lb1nM9235Wlgt:4ypXruAV6n1smbLbpaJlgt
Score10/10-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
Modifies Windows Defender Real-time Protection settings
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-