General
-
Target
410ff1c9a3e4f80ee94beb099a83cec62120e7f112afb14483762e7a54c17e5c.bin
-
Size
694KB
-
Sample
230506-1d79lagd78
-
MD5
b050121b8d0590893174d1ed7bac78be
-
SHA1
e20c2d8cc424e0e90b64bd56c83983202ec40e4c
-
SHA256
410ff1c9a3e4f80ee94beb099a83cec62120e7f112afb14483762e7a54c17e5c
-
SHA512
7005762d69a026573ee15148ece619409217d1bcdd5e4d4a72d460e8acb81a9581994ffcac8ff1ff44690520198977867f6b0221e8b38fa206c8574ebf44a897
-
SSDEEP
12288:gy90lyvACCyR46ZL+IwMkMoLx3RjWEz7wa8qqsclYk:gyZ4pyR46L+ukfd31Ws7Es0Yk
Static task
static1
Behavioral task
behavioral1
Sample
410ff1c9a3e4f80ee94beb099a83cec62120e7f112afb14483762e7a54c17e5c.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
410ff1c9a3e4f80ee94beb099a83cec62120e7f112afb14483762e7a54c17e5c.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Target
410ff1c9a3e4f80ee94beb099a83cec62120e7f112afb14483762e7a54c17e5c.bin
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-