General
-
Target
68d616feda5325b1bc61e5e07d19327a9bf6034af4d0aeab2b6e83f0148f60c0.bin
-
Size
1.2MB
-
Sample
230506-19hc2sca36
-
MD5
abec5020a55f0b63ef31d23eda022929
-
SHA1
4b3b4d0b6a728c899d50c3a3f602be32f2b7d53d
-
SHA256
68d616feda5325b1bc61e5e07d19327a9bf6034af4d0aeab2b6e83f0148f60c0
-
SHA512
895e1b2bf2b1aa0d553b8f0bb7664a8c7faff1177dea42dfec4b9493c114169ac433a421d9b3603fe4bacd98a7e229c57223d8bcc47c064d155b2d4000378993
-
SSDEEP
24576:hu0fRlKB2ZGPoUC1VqAUjfeEB7htX0yromAWB5HpS/gl:Y0+BshUC1VzUjjPP0/
Static task
static1
Behavioral task
behavioral1
Sample
68d616feda5325b1bc61e5e07d19327a9bf6034af4d0aeab2b6e83f0148f60c0.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
68d616feda5325b1bc61e5e07d19327a9bf6034af4d0aeab2b6e83f0148f60c0.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-