Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6d407a2523b0cb6b61fd58dcaf8f4f68fde833dc81d100011423211d2439e3d9.bin
-
Size
690KB
-
Sample
230506-2cclzaeb51
-
MD5
c7ab0dfa09afc1aacc39af792090052b
-
SHA1
3a20067dff58b476ce6b3fba3ed551d6d0a19438
-
SHA256
6d407a2523b0cb6b61fd58dcaf8f4f68fde833dc81d100011423211d2439e3d9
-
SHA512
c056825909e60ae2862cca8bda46bb302fd31837c96d759b03395656edd0f5a782cd0807490f0a4758db17829349ebc01dac54b0df217eace5557f0c30b2dd12
-
SSDEEP
12288:Wy90erFygb3dfQykHWF/czVYfW/O8n8uGDIHXjzzpQFPR:WyfrFygbGbHWceWD8uGsHXPzSR
Static task
static1
Behavioral task
behavioral1
Sample
6d407a2523b0cb6b61fd58dcaf8f4f68fde833dc81d100011423211d2439e3d9.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
6d407a2523b0cb6b61fd58dcaf8f4f68fde833dc81d100011423211d2439e3d9.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
6d407a2523b0cb6b61fd58dcaf8f4f68fde833dc81d100011423211d2439e3d9.bin
-
Size
690KB
-
MD5
c7ab0dfa09afc1aacc39af792090052b
-
SHA1
3a20067dff58b476ce6b3fba3ed551d6d0a19438
-
SHA256
6d407a2523b0cb6b61fd58dcaf8f4f68fde833dc81d100011423211d2439e3d9
-
SHA512
c056825909e60ae2862cca8bda46bb302fd31837c96d759b03395656edd0f5a782cd0807490f0a4758db17829349ebc01dac54b0df217eace5557f0c30b2dd12
-
SSDEEP
12288:Wy90erFygb3dfQykHWF/czVYfW/O8n8uGDIHXjzzpQFPR:WyfrFygbGbHWceWD8uGsHXPzSR
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-