General

  • Target

    4f6a0ddfcb845de6b8486b0134b48e65ccfbc10ef394862baa6c4147e41f3bbe

  • Size

    479KB

  • Sample

    230506-1qn2gsbe7w

  • MD5

    a7197f87435b55aed36005c1d7a44054

  • SHA1

    35673ff66b6ea4c9057a9e56d838511d29d2845e

  • SHA256

    4f6a0ddfcb845de6b8486b0134b48e65ccfbc10ef394862baa6c4147e41f3bbe

  • SHA512

    28a22752459740b48ead8ccb06160a525d1b4700edfb945c34ad0efd1202f495b76ede88e8139cc769decd425bf4cace41a3da7516c1a432c8a2181b0849abe0

  • SSDEEP

    12288:nMrxy90FOgdm8vDKJgGZKVBPmGn88bwZpf30kpd:qyrWCVZUhS8c/30gd

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
