General

  • Target

    3ed5abdf67304313b3f5ea78b98989c167625626de2561545f1beb0e90429abd.bin

  • Size

    562KB

  • Sample

    230506-1cjjvagc44

  • MD5

    e98081e91340b5cc4caaa48877cf20e7

  • SHA1

    1328e5ac751e7ba38c3f4f0c5a67b2014db72353

  • SHA256

    3ed5abdf67304313b3f5ea78b98989c167625626de2561545f1beb0e90429abd

  • SHA512

    76b5b812e1aafcacc2f3f8338a910a144c065209d2f624a3f59d42e372875fc5e35f4aba197fa79e0b7b2e85a01a6e207d175fe2b7a3863060dfc7d5fbaace6d

  • SSDEEP

    12288:Cy90BTyDVWsynjx0LwEqagoSSIg7FDDxgHayNJ:Cybwsynjx0oaLSfgnGHayT

Malware Config

Targets

    • Target

      3ed5abdf67304313b3f5ea78b98989c167625626de2561545f1beb0e90429abd.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
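The signature hits above name two registry-based behaviours a responder can look for directly on a suspect host: tampering with Windows Defender Real-time Protection and a Run-key autostart. The PowerShell below is an added host-triage check, not part of the Triage report and not code from the sample. It assumes the standard Defender policy value names under the Real-Time Protection policy key; the report does not say which value this sample changed, so those names are where to look, not a claim about the sample. It also hashes any Run-key target that exists on disk and compares it with the report's SHA256.

```powershell
# Added host-triage check, not part of the Triage report. Looks for the two
# registry-based behaviours the report flags (Defender Real-time Protection
# tampering and a Run-key autostart) and compares any Run-key target on disk
# with the report's SHA256. The Defender policy value names are the standard
# ones Defender honours; the report does not say which one this sample touched,
# so they are an assumption about where to look.

$ReportSha256 = '3ed5abdf67304313b3f5ea78b98989c167625626de2561545f1beb0e90429abd'

$DefenderPolicy = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection'
$RtpValues = 'DisableRealtimeMonitoring', 'DisableBehaviorMonitoring',
             'DisableOnAccessProtection', 'DisableScanOnRealtimeEnable',
             'DisableIOAVProtection'

# 1. Policy-level Real-time Protection switches; a DWORD of 1 disables the feature.
if (Test-Path $DefenderPolicy) {
    $props = Get-ItemProperty -Path $DefenderPolicy
    foreach ($name in $RtpValues) {
        if ($props.$name -eq 1) {
            Write-Warning "Defender policy value $name = 1 under $DefenderPolicy"
        }
    }
}

# 2. Effective state as Defender itself reports it (catches changes made
#    outside the policy key, e.g. via Set-MpPreference or WMI).
$pref = Get-MpPreference -ErrorAction SilentlyContinue
if ($pref -and $pref.DisableRealtimeMonitoring) {
    Write-Warning 'Get-MpPreference reports DisableRealtimeMonitoring = True'
}

# 3. Run-key autostart entries, per-user and machine-wide (including the
#    32-bit view on 64-bit Windows).
$RunKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'

foreach ($key in $RunKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $cmd = [string]$item.GetValue($name)

        # Pull the executable path out of the command line (quoted or bare first
        # token) and expand %VAR% references so the file can be located and hashed.
        $exe = $null
        if ($cmd -match '^\s*"([^"]+)"' -or $cmd -match '^\s*(\S+)') {
            $exe = [Environment]::ExpandEnvironmentVariables($Matches[1])
        }

        $note = 'info'
        if ($exe -and (Test-Path -LiteralPath $exe -PathType Leaf)) {
            $hash = (Get-FileHash -LiteralPath $exe -Algorithm SHA256).Hash
            if ($hash -ieq $ReportSha256) {
                $note = 'MATCHES REPORT SHA256'
            }
            elseif ($exe -match '(?i)\\(Temp|AppData|ProgramData|Users\\Public)\\') {
                # Autostart from a user-writable directory is worth a look even
                # when the hash differs (repacked or updated payload).
                $note = 'user-writable path'
            }
        }
        '{0,-22} {1}\{2} = {3}' -f $note, $key, $name, $cmd
    }
}
```

Run it from an elevated prompt so the HKLM policy key is readable; on a host without Defender, Get-MpPreference is simply absent and step 2 is skipped. A hash match only confirms this exact sample; a Run-key entry pointing into a user-writable directory with a different hash still deserves a copy of the file and a look at what dropped it, since the report also records dropped EXE and DLL loads.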

MITRE ATT&CK Enterprise v6

Tasks