General
Target: 6a0fd52012926bced3c7c551f27ba345b8cdbfe8462f48b81671bde2702e4766
Size: 1.5MB
Sample: 230506-199sasdh2y
MD5: 3fea863686ae1eeaaa56b91d7ae2b5ba
SHA1: b49cd2d6cea2db1188a9ff27d8bec40342d61691
SHA256: 6a0fd52012926bced3c7c551f27ba345b8cdbfe8462f48b81671bde2702e4766
SHA512: f49e8f295ccca3985fba7ab64029c2dde108ec5bd9de39282c67d63df293c98b215c4bac7bba36e6919905c991dff7b01e3fbdf2bca41a15aeeaa0ff4e969ccc
SSDEEP: 24576:wy+Tz7NL9zt4a9IJJTFGF5ZTUXXG/Jmav/iIVCPhPfh+r/p:3+Tz7jR92JIFsnGxRacCPJ5
Static task: static1
Behavioral task: behavioral1
Sample: 6a0fd52012926bced3c7c551f27ba345b8cdbfe8462f48b81671bde2702e4766.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 6a0fd52012926bced3c7c551f27ba345b8cdbfe8462f48b81671bde2702e4766.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
-
-
Target
6a0fd52012926bced3c7c551f27ba345b8cdbfe8462f48b81671bde2702e4766
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-