General

  • Target

    7061589d3ebf0bf0c3b9e241f8d15a2047b791d0d102ae3764b41c7a6e900096

  • Size

    1.2MB

  • Sample

    230506-2d9m4acf35

  • MD5

    6b167374f39264956880174343f2be39

  • SHA1

    35b12f9c031bff55c33589a073b056bae802a9d8

  • SHA256

    7061589d3ebf0bf0c3b9e241f8d15a2047b791d0d102ae3764b41c7a6e900096

  • SHA512

    f554b1f53a4ae6d7cd6534dde0d55135713279a0d1cb7b48c9ec7dc4840c2acb8f223ed2e483d12ce4e4d20b3522408a478d31d00fe3d5fd872baf1631b9dd9b

  • SSDEEP

    24576:KylXbAIQv4U/wVB1e863bh1UsYXlesp389DdC65YyK7+Fqoi93MiVHv:RlXbuiU863gVesd8VdCEK7+Fq9MO

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
