Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

4f6a0ddfcb...be.exe

windows7-x64

7

4f6a0ddfcb...be.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4f6a0ddfcb845de6b8486b0134b48e65ccfbc10ef394862baa6c4147e41f3bbe

  • Size

    479KB

  • Sample

    230506-1qn2gsbe7w

  • MD5

    a7197f87435b55aed36005c1d7a44054

  • SHA1

    35673ff66b6ea4c9057a9e56d838511d29d2845e

  • SHA256

    4f6a0ddfcb845de6b8486b0134b48e65ccfbc10ef394862baa6c4147e41f3bbe

  • SHA512

    28a22752459740b48ead8ccb06160a525d1b4700edfb945c34ad0efd1202f495b76ede88e8139cc769decd425bf4cace41a3da7516c1a432c8a2181b0849abe0

  • SSDEEP

    12288:nMrxy90FOgdm8vDKJgGZKVBPmGn88bwZpf30kpd:qyrWCVZUhS8c/30gd

Score
10/10
redlineinfostealerpersistencestealer

Malware Config

Targets

    • Target

      4f6a0ddfcb845de6b8486b0134b48e65ccfbc10ef394862baa6c4147e41f3bbe

    • Size

      479KB

    • MD5

      a7197f87435b55aed36005c1d7a44054

    • SHA1

      35673ff66b6ea4c9057a9e56d838511d29d2845e

    • SHA256

      4f6a0ddfcb845de6b8486b0134b48e65ccfbc10ef394862baa6c4147e41f3bbe

    • SHA512

      28a22752459740b48ead8ccb06160a525d1b4700edfb945c34ad0efd1202f495b76ede88e8139cc769decd425bf4cace41a3da7516c1a432c8a2181b0849abe0

    • SSDEEP

      12288:nMrxy90FOgdm8vDKJgGZKVBPmGn88bwZpf30kpd:qyrWCVZUhS8c/30gd

    Score
    10/10
    persistenceredlineinfostealerstealer

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

      stealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks