General

  • Target

    692740b747cb89251e11528010f7d17fb985c649fdca7805d842a6c52d2f00e9.bin

  • Size

    1.2MB

  • Sample

    230506-19rlqadg51

  • MD5

    fa1f2e2729a32ab17af550cc72bfb6ac

  • SHA1

    e194c51b38ceccad6457f76c59e871447b64a46f

  • SHA256

    692740b747cb89251e11528010f7d17fb985c649fdca7805d842a6c52d2f00e9

  • SHA512

    44742b4615d31ce3c0feaf7400197d8d49e19c245e907e0b18167dd2c95ddc76b1fbfff65eba01565239544859d5858f7ecb1d0a0cf3e49984d3fb88422cc186

  • SSDEEP

    24576:FVQCVvyI/k4Zf9YMGp77zdd0ZKUNk9e0KUDsM1dpkJNK35m:FVtvhk499YMGVzddAge0KUDsiyNK

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
