General

  • Target

    6d407a2523b0cb6b61fd58dcaf8f4f68fde833dc81d100011423211d2439e3d9.bin

  • Size

    690KB

  • Sample

    230506-2cclzaeb51

  • MD5

    c7ab0dfa09afc1aacc39af792090052b

  • SHA1

    3a20067dff58b476ce6b3fba3ed551d6d0a19438

  • SHA256

    6d407a2523b0cb6b61fd58dcaf8f4f68fde833dc81d100011423211d2439e3d9

  • SHA512

    c056825909e60ae2862cca8bda46bb302fd31837c96d759b03395656edd0f5a782cd0807490f0a4758db17829349ebc01dac54b0df217eace5557f0c30b2dd12

  • SSDEEP

    12288:Wy90erFygb3dfQykHWF/czVYfW/O8n8uGDIHXjzzpQFPR:WyfrFygbGbHWceWD8uGsHXPzSR

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
