General

  • Target

    6dec6fbc08f72cd75f83901acfac971d5a7303555cb562b85bfcd1b219e37302.bin

  • Size

    612KB

  • Sample

    230506-2cpxascd73

  • MD5

    5fadd395151a2dc7a6fbdf729438624a

  • SHA1

    0bee04c2f712d9380cb5d637140463f0922dc9fa

  • SHA256

    6dec6fbc08f72cd75f83901acfac971d5a7303555cb562b85bfcd1b219e37302

  • SHA512

    79ecec33904526fc9d2c6ee17003828bc317dc21a2ce2113dd33cfb80456971dcef78435096229bbe7948ab9803a2b924d1fa8155794c8fd1e2abc6725e409ba

  • SSDEEP

    12288:ky900cg5+A8n98FdISCLw2gii6Wdx7w83xb3FLS+kI:kyFci+B9AHQw29Dac8hb6I

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks