General

  • Target

    6a0fd52012926bced3c7c551f27ba345b8cdbfe8462f48b81671bde2702e4766

  • Size

    1.5MB

  • Sample

    230506-199sasdh2y

  • MD5

    3fea863686ae1eeaaa56b91d7ae2b5ba

  • SHA1

    b49cd2d6cea2db1188a9ff27d8bec40342d61691

  • SHA256

    6a0fd52012926bced3c7c551f27ba345b8cdbfe8462f48b81671bde2702e4766

  • SHA512

    f49e8f295ccca3985fba7ab64029c2dde108ec5bd9de39282c67d63df293c98b215c4bac7bba36e6919905c991dff7b01e3fbdf2bca41a15aeeaa0ff4e969ccc

  • SSDEEP

    24576:wy+Tz7NL9zt4a9IJJTFGF5ZTUXXG/Jmav/iIVCPhPfh+r/p:3+Tz7jR92JIFsnGxRacCPJ5

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
