General

  • Target

    4da40ca4b16a80b406e4bd793ef90f3e824374ea28dc0ce18010fed9e525d5ce.bin

  • Size

    1.2MB

  • Sample

    230506-1n9v6sbd6t

  • MD5

    030b525be4709cfcb4d486cbfcf1a7e1

  • SHA1

    7880c99bfdbea3e07d7afbae9563bb6935a731a8

  • SHA256

    4da40ca4b16a80b406e4bd793ef90f3e824374ea28dc0ce18010fed9e525d5ce

  • SHA512

    de3dd18491301ca82eb40d8ea576f51693d0f60325524a67965ebed56afa6f999421354a787dce426d35234d5e3879c346eb21d7e5373b09d6bf5e77085c70c1

  • SSDEEP

    24576:cO/ma41pNBrquMHuDpKqJUd5xYsLo11YdH/tFrQhldU8HJVYx+dblqaWSLO:cOXedEODpKqJGYsLMutFEIx257

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
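
The signatures above name two host artifacts that an analyst would want to confirm on a suspect machine: a change to Windows Defender real-time protection and a new Run key. The following PowerShell script is an added example, not part of the tria.ge report, that (1) verifies a local copy of the sample against the hashes listed in the General section and (2) checks the standard Defender policy key, the effective Defender preference, and the common Run/RunOnce locations. The report does not state which registry values this sample writes, so the value names, the key list, and the "user-writable path" heuristic are assumptions drawn from the usual locations, not from the sample itself.

```powershell
# Added triage check; not code from tria.ge or from the analysed sample.
# Usage: .\Check-RedlineArtifacts.ps1 [-SamplePath C:\path\to\sample.bin]
param(
    [string]$SamplePath = ''
)

$findings = @()

# 1. Optional: verify a local copy of the sample against the hashes in the report.
$expected = @{
    MD5    = '030b525be4709cfcb4d486cbfcf1a7e1'
    SHA1   = '7880c99bfdbea3e07d7afbae9563bb6935a731a8'
    SHA256 = '4da40ca4b16a80b406e4bd793ef90f3e824374ea28dc0ce18010fed9e525d5ce'
    SHA512 = 'de3dd18491301ca82eb40d8ea576f51693d0f60325524a67965ebed56afa6f999421354a787dce426d35234d5e3879c346eb21d7e5373b09d6bf5e77085c70c1'
}
if ($SamplePath -and (Test-Path $SamplePath)) {
    foreach ($algo in $expected.Keys) {
        $actual = (Get-FileHash -Path $SamplePath -Algorithm $algo).Hash.ToLower()
        $findings += [pscustomobject]@{
            Kind = 'Hash'; Name = $algo; Value = $actual
            Location = $SamplePath; Suspicious = ($actual -ne $expected[$algo])
        }
    }
}

# 2. Defender real-time protection: policy key (assumed value names) and effective preference.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection'
if (Test-Path $policyKey) {
    $p = Get-ItemProperty -Path $policyKey
    foreach ($name in 'DisableRealtimeMonitoring', 'DisableBehaviorMonitoring',
                      'DisableIOAVProtection', 'DisableOnAccessProtection') {
        if ($p.PSObject.Properties[$name] -and $p.$name -eq 1) {
            $findings += [pscustomobject]@{
                Kind = 'DefenderPolicy'; Name = $name; Value = 1
                Location = $policyKey; Suspicious = $true
            }
        }
    }
}
try {
    $pref = Get-MpPreference -ErrorAction Stop
    $findings += [pscustomobject]@{
        Kind = 'DefenderPreference'; Name = 'DisableRealtimeMonitoring'
        Value = $pref.DisableRealtimeMonitoring; Location = 'Get-MpPreference'
        Suspicious = [bool]$pref.DisableRealtimeMonitoring
    }
} catch {
    Write-Warning "Get-MpPreference unavailable on this host: $_"
}

# 3. Run / RunOnce keys: list every autostart; flag commands living in user-writable paths
#    (heuristic only: stealers dropped to AppData/Temp commonly persist this way).
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run'
)
$userWritable = '(?i)\\(AppData|Temp|ProgramData|Users\\Public|Downloads)\\'
foreach ($k in $runKeys) {
    if (-not (Test-Path $k)) { continue }
    $item = Get-ItemProperty -Path $k
    foreach ($prop in $item.PSObject.Properties) {
        if ($prop.Name -like 'PS*') { continue }   # skip PSPath, PSParentPath, etc.
        $cmd = [string]$prop.Value
        $findings += [pscustomobject]@{
            Kind = 'RunKey'; Name = $prop.Name; Value = $cmd
            Location = $k; Suspicious = ($cmd -match $userWritable)
        }
    }
}

$findings | Sort-Object Suspicious -Descending | Format-Table -AutoSize
```

Run it elevated so the HKLM policy key and Get-MpPreference are readable; a `Suspicious` of `True` on a hash row means the local file is not the sample in this report, and on a registry row means the value matches the behaviour flagged by the sandbox and warrants a look at what wrote it.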

MITRE ATT&CK Enterprise v6

Tasks