General

  • Target

    44931694226938ac19e023a420efe97e12947c5731ce847917e294c2bb42e6a2.bin

  • Size

    563KB

  • Sample

    230506-1glvrsaf6v

  • MD5

    020f975c44f8fe489ab00ab5f3c6935e

  • SHA1

    f5c9e3062fc92237d079d88ef27796b04f2cd2a6

  • SHA256

    44931694226938ac19e023a420efe97e12947c5731ce847917e294c2bb42e6a2

  • SHA512

    776ec600b9692bbc5baf27d937a23f8adbfafef44db2914da307006a8375593fefcf8fcd7c814de67de742b6cc88e27b11721edd9cdef06c0448e4362288ceee

  • SSDEEP

    12288:Hy90P0rXsdmusM7DC5WoGo7w0lGF+pnHcnqL/oQrI07fM13sXGNNP:Hyq2cdbz7DC5GIIF8HrLgQ05L3

Targets

    • Target

      44931694226938ac19e023a420efe97e12947c5731ce847917e294c2bb42e6a2.bin

    • Size

      563KB

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
