Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
3ed5abdf67304313b3f5ea78b98989c167625626de2561545f1beb0e90429abd.bin
-
Size
562KB
-
Sample
230506-1cjjvagc44
-
MD5
e98081e91340b5cc4caaa48877cf20e7
-
SHA1
1328e5ac751e7ba38c3f4f0c5a67b2014db72353
-
SHA256
3ed5abdf67304313b3f5ea78b98989c167625626de2561545f1beb0e90429abd
-
SHA512
76b5b812e1aafcacc2f3f8338a910a144c065209d2f624a3f59d42e372875fc5e35f4aba197fa79e0b7b2e85a01a6e207d175fe2b7a3863060dfc7d5fbaace6d
-
SSDEEP
12288:Cy90BTyDVWsynjx0LwEqagoSSIg7FDDxgHayNJ:Cybwsynjx0oaLSfgnGHayT
Malware Config
Targets
-
-
Target
3ed5abdf67304313b3f5ea78b98989c167625626de2561545f1beb0e90429abd.bin
-
Size
562KB
-
MD5
e98081e91340b5cc4caaa48877cf20e7
-
SHA1
1328e5ac751e7ba38c3f4f0c5a67b2014db72353
-
SHA256
3ed5abdf67304313b3f5ea78b98989c167625626de2561545f1beb0e90429abd
-
SHA512
76b5b812e1aafcacc2f3f8338a910a144c065209d2f624a3f59d42e372875fc5e35f4aba197fa79e0b7b2e85a01a6e207d175fe2b7a3863060dfc7d5fbaace6d
-
SSDEEP
12288:Cy90BTyDVWsynjx0LwEqagoSSIg7FDDxgHayNJ:Cybwsynjx0oaLSfgnGHayT
Score10/10-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
Modifies Windows Defender Real-time Protection settings
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-