General
-
Target
52387ccf1edb1a80d1c15873e3f3ac88c79a4fd8d5429956417124526e1a0cc4
-
Size
480KB
-
Sample
230506-1sv8ksbg7w
-
MD5
20d04c1821001d935d8ab428d07f5b3f
-
SHA1
a0f3de5c6fd5a77f69b2968f06658b53ed4c8496
-
SHA256
52387ccf1edb1a80d1c15873e3f3ac88c79a4fd8d5429956417124526e1a0cc4
-
SHA512
3f4fe8241d327aa6d000641aef14848564e9a23ea8e178fc77832a334d484f709241b2fb701cb3d0ebd7e287b62c209b181260eaf71767f92b989732434e169a
-
SSDEEP
12288:7Mrmy90FSy38Te3E2PBa2lcg7jBe3/HI:RycpDfb2/HI
Static task
static1
Behavioral task
behavioral1
Sample
52387ccf1edb1a80d1c15873e3f3ac88c79a4fd8d5429956417124526e1a0cc4.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
52387ccf1edb1a80d1c15873e3f3ac88c79a4fd8d5429956417124526e1a0cc4.exe
Resource
win10v2004-20230221-en
Malware Config
Targets
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-