General

  • Target

    543ab68b1c5fce8df32ebb02dcd900640cb27b668bfb625502cf08de87217362.bin

  • Size

    690KB

  • Sample

    230506-1vecvaab36

  • MD5

    f0c7cd4460a3b7348cfdc30280f86d83

  • SHA1

    322bcd748f0d54ac2e17eb115ebd74d62b7d3f71

  • SHA256

    543ab68b1c5fce8df32ebb02dcd900640cb27b668bfb625502cf08de87217362

  • SHA512

    6493463afb574586411d80eda07a8ed0e99afc032c1477497fb175139617b894029a615f4f64408bec9bde1abbcb75ed6ec042de825623a977e6b7f6cd635989

  • SSDEEP

    12288:zy90z7fXrWmm6RlMIQDgXxMIcRIO/QxDTT8WNzOvfV0f:zyaXrWL6Rl4sNcsxDTTxNSCf

Targets

    • Target

      543ab68b1c5fce8df32ebb02dcd900640cb27b668bfb625502cf08de87217362.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
