General

  • Target

    4323f974ae1cc1826b57265d544fd81b6667936a653595a57fbab8f8b01991ad.bin

  • Size

    1.2MB

  • Sample

    230506-1fnyqsgf28

  • MD5

    84ed2559bbd16d307d66b45160257f94

  • SHA1

    bcb249a8f31866a524fccf5fab8f8fe21e997311

  • SHA256

    4323f974ae1cc1826b57265d544fd81b6667936a653595a57fbab8f8b01991ad

  • SHA512

    6f95d422572783878c9a246e03d60b9aa5924781af51c4941f83b6ae14239ba62ee72862cbb25dd49b8e7c2f17eb3cbb0118715f5cfa34e011e60f644ba3383b

  • SSDEEP

    24576:DcfsVIKzRLTr3vkFjAacR3lMERO6s0fYK++YSYuugo4cyC/:Dc+I8X8FjAacEER9NYK+lngo4cyC

Malware Config

Targets

    • Target

      4323f974ae1cc1826b57265d544fd81b6667936a653595a57fbab8f8b01991ad.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

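The report above pins the sample down by hash and attributes two host-side behaviours to it: a change to Windows Defender real-time protection settings and a Run key added for persistence. The block below is an added example, not code from tria.ge or from the malware itself. It does two things a practitioner would do with such a report: confirm that a file on disk is the reported sample by recomputing the listed digests, and turn the two registry-based signatures into checks over Sysmon Event ID 13 (RegistryEvent: Value Set) records. The event records are constructed for the example and flattened to key=value pairs; the process path, SID and value name in them are hypothetical. The registry paths checked are the well-known Defender real-time protection policy location and the per-user/machine Run keys, which is an assumption about what the signatures look for, since the report does not list the exact keys the sample touched.

```python
"""Added example derived from the tria.ge report: hash verification plus
Sysmon-style registry checks for the two behavioural signatures."""
import hashlib
import io
import re
import sys

# Digests exactly as listed in the report's General section.
REPORT_HASHES = {
    "md5": "84ed2559bbd16d307d66b45160257f94",
    "sha1": "bcb249a8f31866a524fccf5fab8f8fe21e997311",
    "sha256": "4323f974ae1cc1826b57265d544fd81b6667936a653595a57fbab8f8b01991ad",
    "sha512": "6f95d422572783878c9a246e03d60b9aa5924781af51c4941f83b6ae14239ba6"
              "2ee72862cbb25dd49b8e7c2f17eb3cbb0118715f5cfa34e011e60f644ba3383b",
}


def hash_stream(fh, chunk_size=1 << 20):
    """Read the stream once and feed every algorithm the report lists."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    for chunk in iter(lambda: fh.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data):
    return hash_stream(io.BytesIO(data))


def compare_to_report(digests):
    """{algorithm: bool}; every value True means the file is the reported sample."""
    return {name: digests[name] == expected for name, expected in REPORT_HASHES.items()}


def verify_sample(path):
    with open(path, "rb") as fh:
        return compare_to_report(hash_stream(fh))


# Constructed Sysmon Event ID 13 records flattened to key=value (hypothetical
# image path, SID and value name; not taken from the report).
SAMPLE_EVENTS = [
    "EventID=13 Image=C:\\Users\\victim\\AppData\\Local\\Temp\\dropped.exe "
    "TargetObject=HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Real-Time Protection\\DisableRealtimeMonitoring "
    "Details=DWORD (0x00000001)",
    "EventID=13 Image=C:\\Users\\victim\\AppData\\Local\\Temp\\dropped.exe "
    "TargetObject=HKU\\S-1-5-21-1111-2222-3333-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\dropped "
    "Details=C:\\Users\\victim\\AppData\\Local\\Temp\\dropped.exe",
    "EventID=13 Image=C:\\Windows\\explorer.exe "
    "TargetObject=HKU\\S-1-5-21-1111-2222-3333-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden "
    "Details=DWORD (0x00000002)",
    "EventID=13 Image=C:\\Windows\\System32\\svchost.exe "
    "TargetObject=HKLM\\SOFTWARE\\Microsoft\\Windows Defender\\Real-Time Protection\\DisableRealtimeMonitoring "
    "Details=DWORD (0x00000000)",
]

# A value runs until the next " Name=" token or end of line, so paths and
# "DWORD (0x...)" details containing spaces survive the split.
FIELD_RE = re.compile(r"(\w+)=(.*?)(?=\s\w+=|$)")
RTP_PATH = "\\microsoft\\windows defender\\real-time protection\\"
RUN_KEY_RE = re.compile(r"\\software\\microsoft\\windows\\currentversion\\run(once)?\\[^\\]+$", re.I)
USER_WRITABLE_RE = re.compile(r"\\(AppData|Temp|ProgramData|Users\\Public)\\", re.I)


def parse_event(line):
    return dict(FIELD_RE.findall(line))


def classify(event):
    """Map one parsed event to the report's signature names it matches."""
    hits = []
    if event.get("EventID") != "13":
        return hits
    target = event.get("TargetObject", "")
    details = event.get("Details", "")
    if RTP_PATH in target.lower():
        hits.append("Modifies Windows Defender Real-time Protection settings")
        # Only a Disable* value set to 1 actually turns protection off;
        # a write of 0 to the same value re-enables it and is not escalated.
        value_name = target.rsplit("\\", 1)[-1]
        if value_name.lower().startswith("disable") and details.endswith("(0x00000001)"):
            hits.append("Real-time Protection disabled")
    if RUN_KEY_RE.search(target):
        hits.append("Adds Run key to start application")
        if USER_WRITABLE_RE.search(details):
            hits.append("Run value points into a user-writable directory")
    return hits


def scan(lines):
    """Return [(line_index, image, hits)] for events matching at least one rule."""
    findings = []
    for i, line in enumerate(lines):
        ev = parse_event(line)
        hits = classify(ev)
        if hits:
            findings.append((i, ev.get("Image", ""), hits))
    return findings


if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(verify_sample(sys.argv[1]))
    for idx, image, hits in scan(SAMPLE_EVENTS):
        print(f"event {idx}: {image}: {', '.join(hits)}")
```

Run it with the downloaded sample as the first argument to confirm every digest matches before doing any further analysis; a mismatch on any one algorithm means you are not looking at the file this report describes. The registry rules deliberately flag every write under the real-time protection policy path, but only escalate a Disable* value set to 1, and they flag a Run value more strongly when its command points into a user-writable directory, which is where a dropped executable would normally live.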
MITRE ATT&CK Enterprise v6

Tasks