General

  • Target

    52387ccf1edb1a80d1c15873e3f3ac88c79a4fd8d5429956417124526e1a0cc4

  • Size

    480KB

  • Sample

    230506-1sv8ksbg7w

  • MD5

    20d04c1821001d935d8ab428d07f5b3f

  • SHA1

    a0f3de5c6fd5a77f69b2968f06658b53ed4c8496

  • SHA256

    52387ccf1edb1a80d1c15873e3f3ac88c79a4fd8d5429956417124526e1a0cc4

  • SHA512

    3f4fe8241d327aa6d000641aef14848564e9a23ea8e178fc77832a334d484f709241b2fb701cb3d0ebd7e287b62c209b181260eaf71767f92b989732434e169a

  • SSDEEP

    12288:7Mrmy90FSy38Te3E2PBa2lcg7jBe3/HI:RycpDfb2/HI

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
