Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    410ff1c9a3e4f80ee94beb099a83cec62120e7f112afb14483762e7a54c17e5c.bin

  • Size

    694KB

  • Sample

    230506-1d79lagd78

  • MD5

    b050121b8d0590893174d1ed7bac78be

  • SHA1

    e20c2d8cc424e0e90b64bd56c83983202ec40e4c

  • SHA256

    410ff1c9a3e4f80ee94beb099a83cec62120e7f112afb14483762e7a54c17e5c

  • SHA512

    7005762d69a026573ee15148ece619409217d1bcdd5e4d4a72d460e8acb81a9581994ffcac8ff1ff44690520198977867f6b0221e8b38fa206c8574ebf44a897

  • SSDEEP

    12288:gy90lyvACCyR46ZL+IwMkMoLx3RjWEz7wa8qqsclYk:gyZ4pyR46L+ukfd31Ws7Es0Yk

Malware Config

Targets

    • Target

      410ff1c9a3e4f80ee94beb099a83cec62120e7f112afb14483762e7a54c17e5c.bin

    • Size

      694KB

    • MD5

      b050121b8d0590893174d1ed7bac78be

    • SHA1

      e20c2d8cc424e0e90b64bd56c83983202ec40e4c

    • SHA256

      410ff1c9a3e4f80ee94beb099a83cec62120e7f112afb14483762e7a54c17e5c

    • SHA512

      7005762d69a026573ee15148ece619409217d1bcdd5e4d4a72d460e8acb81a9581994ffcac8ff1ff44690520198977867f6b0221e8b38fa206c8574ebf44a897

    • SSDEEP

      12288:gy90lyvACCyR46ZL+IwMkMoLx3RjWEz7wa8qqsclYk:gyZ4pyR46L+ukfd31Ws7Es0Yk

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks