General

  • Target

    6c46ce521f6b706e5151892084527206796d99d58fb0a2fdcad280ab56e83bb0

  • Size

    376KB

  • Sample

    230506-2bjc5aea6z

  • MD5

    83c3dbfb9b006ee2f9b335fe59fcf58d

  • SHA1

    0b9c845004bb0af011834a74df48b65a8b4e2079

  • SHA256

    6c46ce521f6b706e5151892084527206796d99d58fb0a2fdcad280ab56e83bb0

  • SHA512

    ebf8744df433102655afe32d462070663c8fe969d30a1302613f53765dfa434bb2c02316550236572b3ee09b439a20c6705410cd392dd8e49d29ed10086bcd36

  • SSDEEP

    6144:Kty+bnr+6p0yN90QE6+ZQU8V11OxBnN4vs05MlML9JE38HymKymA8T:nMruy90Q+B8Vryyvs057pJeqMbT

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
