General

  • Target

    55002c49f5f0b638221f6db9b75f91c5ee916d31b5a91661a03402b27675de7a.bin

  • Size

    1.2MB

  • Sample

    230506-1vznsaab82

  • MD5

    4846884c14ded21fe9d4f661335b289e

  • SHA1

    190d9c8df6010b6434f447e9ebebe2500a081ef1

  • SHA256

    55002c49f5f0b638221f6db9b75f91c5ee916d31b5a91661a03402b27675de7a

  • SHA512

    57335c61304e01279dfaed5403c6c3fbd3beed780798b096bda1ccc177ebac21b5591f5277c35500d235e6eb098182713f5ea22578f67c93cd6bd5bc1e80dedf

  • SSDEEP

    24576:+Cbht9y/vN4jFVkUI4Hiew2ltipvLt87VLLLVxCwaUdw578ObN/4SYrnP4uO:+Cz9uyy4Hrw2lt2CxxCwbdw57fQSG

Targets

    • Target

      55002c49f5f0b638221f6db9b75f91c5ee916d31b5a91661a03402b27675de7a.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
