General
-
Target
3d008be47bd2f82957470b40eaff3e59689b100cc2f32d40d2f2e57838c3f6f5.bin
-
Size
1.1MB
-
Sample
230506-1a7tnagb24
-
MD5
fccb6c2dc19f2dffabcdfd0828285e6c
-
SHA1
4bf68985cf76cdc20d482909ba0da2eefbf4e61a
-
SHA256
3d008be47bd2f82957470b40eaff3e59689b100cc2f32d40d2f2e57838c3f6f5
-
SHA512
332e32d1c27d5c8234b40ad430bb866577fbfe9e1327f96e91481a99f0ebcd6736621a42d471f00b557eb0db990cae4255e6eed08c9bb23fbab8df9983497bf2
-
SSDEEP
24576:kyHLC2x9cgoKjjkXlikwTj0kxY+A10rPkTVZ+UZK9:zm2x9vVjClSjLA1/iE
Static task
static1
Behavioral task
behavioral1
Sample
3d008be47bd2f82957470b40eaff3e59689b100cc2f32d40d2f2e57838c3f6f5.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
3d008be47bd2f82957470b40eaff3e59689b100cc2f32d40d2f2e57838c3f6f5.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-