General

  • Target

    42c2ff8f6316910b743cd7dac58e90856bff49a76476cc9f586546bc80e01474.bin

  • Size

    696KB

  • Sample

    230506-1ff8wsge93

  • MD5

    06322ccfc811753144f7b2bb0d0be5d8

  • SHA1

    285f90d5930fafdc8104f41d99a339de1ffab6d3

  • SHA256

    42c2ff8f6316910b743cd7dac58e90856bff49a76476cc9f586546bc80e01474

  • SHA512

    4546c7055a9244ddd7b6f6fbec9302a504115a9c8ed3688f2c51413c6f9722f5b13e25c50e1e47bcb347b838b1340559501048bd85dab9d3b42b0e10d457e8ab

  • SSDEEP

    12288:5y90YadHFfqsSVNSWgId8CzMENiQrdGyXQYF15iVyxkh6qnSbZe946JRY8gA:5ysdlitVNF5nQENyy5kEbZC46jjZ

Targets

    • Target

      42c2ff8f6316910b743cd7dac58e90856bff49a76476cc9f586546bc80e01474.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
