General

  • Target

    4a9964ce64991fc09f448b41cde9718f89ddb2926606acb89af7bee6db5fde49.bin

  • Size

    694KB

  • Sample

    230506-1l47xahb98

  • MD5

    e161c74cf1593c6b64baf52c33ffe0a5

  • SHA1

    43d69f23ea45ab8e45fad6e2bc862ff38e0144b3

  • SHA256

    4a9964ce64991fc09f448b41cde9718f89ddb2926606acb89af7bee6db5fde49

  • SHA512

    5be74eebf049d5fc83a7316d6b73cacbb3f74ac72028e0842a7a90f29604d348dd639935ed3229159e434ab37191344f643100de0f511b1c89842c53bac21ae4

  • SSDEEP

    12288:vy90MpTxLQFAB/E3IsKsOz7l+w4WqlniNVdUN0cRFbPqwBa0MahTB:vylZQFv5Kj+UqlwdUeSbBht
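
Before working with a copy of this sample, confirm it is the file the report describes. The PowerShell below is an added example and not part of the Triage report: the digest values are the ones listed above, while the sample path is a hypothetical location on the analyst's machine. SSDEEP is not computed here because PowerShell has no built-in fuzzy hashing; compare that value with the ssdeep tool separately.

```powershell
# Added example, not from the Triage report. Expected digests are copied from
# the General section above; the path is a hypothetical analyst location.
$SamplePath = 'C:\samples\4a9964ce64991fc09f448b41cde9718f89ddb2926606acb89af7bee6db5fde49.bin'

$Expected = @{
    MD5    = 'e161c74cf1593c6b64baf52c33ffe0a5'
    SHA1   = '43d69f23ea45ab8e45fad6e2bc862ff38e0144b3'
    SHA256 = '4a9964ce64991fc09f448b41cde9718f89ddb2926606acb89af7bee6db5fde49'
    SHA512 = '5be74eebf049d5fc83a7316d6b73cacbb3f74ac72028e0842a7a90f29604d348dd639935ed3229159e434ab37191344f643100de0f511b1c89842c53bac21ae4'
}

function Test-SampleDigests {
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][hashtable]$Expected
    )
    # Read the file once so every algorithm hashes identical bytes, even if
    # something rewrites the file on disk while the check is running.
    $bytes = [System.IO.File]::ReadAllBytes($Path)
    foreach ($algo in $Expected.Keys) {
        $stream = [System.IO.MemoryStream]::new($bytes)
        try {
            $actual = (Get-FileHash -InputStream $stream -Algorithm $algo).Hash.ToLowerInvariant()
        } finally {
            $stream.Dispose()
        }
        [pscustomobject]@{
            Algorithm = $algo
            Expected  = $Expected[$algo]
            Actual    = $actual
            Match     = ($actual -eq $Expected[$algo])
        }
    }
}

$results = Test-SampleDigests -Path $SamplePath -Expected $Expected
$results | Format-Table -AutoSize

if ($results.Match -contains $false) {
    Write-Warning "Digest mismatch: this is not the file the report describes; do not reuse the report's findings for it."
    exit 1
}
"All $($results.Count) digests match; on-disk size $([System.IO.FileInfo]::new($SamplePath).Length) bytes (report lists 694KB)."
```

A mismatch on any one digest is enough to stop: a sample that shares a filename or MD5 with the report but differs on SHA256 is a different file, and the signatures below do not apply to it.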

Malware Config

Targets

    • Target

      4a9964ce64991fc09f448b41cde9718f89ddb2926606acb89af7bee6db5fde49.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

      The sample changes Windows Defender's Real-Time Protection configuration. In a stealer this is normally done to switch off on-access scanning before the payload is dropped and run (defence evasion).

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020. It harvests saved browser credentials, cookies and autofill data, cryptocurrency wallets and credentials from other local applications, and sends them to a command-and-control server.

    • Executes dropped EXE

      An executable written to disk during the run was later launched.

    • Loads dropped DLL

      A DLL written to disk during the run was loaded into a process.

    • Windows security modification

      Broader signature for changes to Windows security settings, of which the Defender Real-time Protection change above is one case.

    • Adds Run key to start application

      Persistence: a value under a CurrentVersion\Run key was written so the application is started again at logon.
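
Two of the behaviours above leave registry artifacts that can be checked directly on a host suspected of having run this sample: the Run-key autostart entry and the Defender Real-Time Protection change. The PowerShell below is an added example, not part of the Triage report or its signature set. It enumerates the standard Run/RunOnce keys, flags entries that launch something from a user-writable directory (where dropped payloads usually land; that heuristic is an assumption of this example, not a finding from the report), and checks both the registry locations and Defender's own preferences for disabled real-time protection. Run it from an elevated prompt so the HKLM keys and Get-MpPreference are readable.

```powershell
# Added example, not from the Triage report. Standard Windows locations only;
# nothing here is derived from this sample's run.

$RunKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)

# Directories where dropped payloads typically land. Heuristic (assumption),
# not a rule taken from the report.
$UserWritable = @('\AppData\', '\Temp\', '\ProgramData\', '\Public\', '\Downloads\')

# Policy location first, then the product's own location.
$RtpKeys = @(
    'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection',
    'HKLM:\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection'
)
# A DWORD of 1 switches the corresponding protection off.
$RtpValues = @(
    'DisableRealtimeMonitoring', 'DisableBehaviorMonitoring',
    'DisableOnAccessProtection', 'DisableScanOnRealtimeEnable',
    'DisableIOAVProtection'
)
# Provider metadata that Get-ItemProperty attaches to every object.
$ProviderProps = @('PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider')

function Get-RunKeyEntries {
    foreach ($key in $RunKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -in $ProviderProps) { continue }
            $cmd = [string]$p.Value
            $suspicious = $false
            foreach ($frag in $UserWritable) {
                if ($cmd -like "*$frag*") { $suspicious = $true; break }
            }
            [pscustomobject]@{ Key = $key; Name = $p.Name; Command = $cmd; Suspicious = $suspicious }
        }
    }
}

function Get-DefenderRtpTampering {
    foreach ($key in $RtpKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($name in $RtpValues) {
            $data = $props.$name
            if ($null -ne $data -and "$data" -eq '1') {
                [pscustomobject]@{ Source = $key; Setting = $name; Data = $data }
            }
        }
    }
    # Defender's live view: catches changes made through Set-MpPreference or
    # WMI that do not appear as a policy value.
    $pref = Get-MpPreference -ErrorAction SilentlyContinue
    if ($pref) {
        foreach ($name in 'DisableRealtimeMonitoring', 'DisableBehaviorMonitoring', 'DisableIOAVProtection') {
            if ($pref.$name) {
                [pscustomobject]@{ Source = 'Get-MpPreference'; Setting = $name; Data = $true }
            }
        }
    }
}

$runEntries  = Get-RunKeyEntries
$rtpFindings = Get-DefenderRtpTampering

"Run-key entries (Suspicious = launches from a user-writable path):"
$runEntries | Format-Table -AutoSize

if ($rtpFindings) {
    "Real-time protection settings that have been turned off:"
    $rtpFindings | Format-Table -AutoSize
} else {
    "No disabled real-time protection settings found."
}
```

A Run entry pointing into AppData or Temp is not proof of this sample on its own (installers and updaters use those paths too), but combined with a disabled real-time protection value it matches the behaviour pattern the signatures describe and is worth pulling the referenced file for hashing against the values in the General section.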

MITRE ATT&CK Enterprise v6

Tasks