General
-
Target
49148476fe5813acae79646a34715106d60a43530c32556a7b5416ad068b955b.bin
-
Size
1.2MB
-
Sample
230506-1k3mpaba7s
-
MD5
3cabdf1cdda2ead970d479088c9e205f
-
SHA1
53a7ab49e103ec50614f2d25b243b222000766c2
-
SHA256
49148476fe5813acae79646a34715106d60a43530c32556a7b5416ad068b955b
-
SHA512
aa4dface74240e91deec788c94930365781a8dba097d980faf1f9d0babe16b75bedc00e04e0a9708700a33f2c795cd500ab317399b6609a734f4609319be163f
-
SSDEEP
24576:2y0XzjbedLUczrquzsWKwfRYGmQSHL6y6l28W1xoAZ:FozjbitSTHwfuGyr612B1xo
Static task
static1
Behavioral task
behavioral1
Sample
49148476fe5813acae79646a34715106d60a43530c32556a7b5416ad068b955b.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
49148476fe5813acae79646a34715106d60a43530c32556a7b5416ad068b955b.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Target
49148476fe5813acae79646a34715106d60a43530c32556a7b5416ad068b955b.bin
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-