General
-
Target
50409bbf2696d231f352a1a1c517196f9030e0f4e8b9a3698141a838b81bd78b.bin
-
Size
690KB
-
Sample
230506-1rfrhahf98
-
MD5
2db13383df88cddde2b8d7a2f9e9378a
-
SHA1
9a482506a699339250c832fc3636697040a7b77f
-
SHA256
50409bbf2696d231f352a1a1c517196f9030e0f4e8b9a3698141a838b81bd78b
-
SHA512
00fbe2a8b74bfec01cd9997d624a9ab89fdc5bdecbe63c0277aeaff57ad9ed547e82d8cb975576b0f20d2fe58c5d05c7a247fc7f83a4d711d0a1bd169bf1dee3
-
SSDEEP
12288:/y90uQpuxOE4ELPcPj3jqkfRkVP1Jr+s9P+LMGXniNom2k+lrIVR:/yEsJhoTjqGRuSsoONHUra
Static task
static1
Behavioral task
behavioral1
Sample
50409bbf2696d231f352a1a1c517196f9030e0f4e8b9a3698141a838b81bd78b.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
50409bbf2696d231f352a1a1c517196f9030e0f4e8b9a3698141a838b81bd78b.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
Target
50409bbf2696d231f352a1a1c517196f9030e0f4e8b9a3698141a838b81bd78b.bin
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application