General

  • Target

    70b6b48bf784ae6b415d3dbac1729bf59254caf128f69925063d6ea591cf9040

  • Size

    387KB

  • Sample

    230506-2ejhased9s

  • MD5

    cee839d483ec9c78e683386fb104096a

  • SHA1

    f488dfafead30a7418691835f7e06cce1c1ea474

  • SHA256

    70b6b48bf784ae6b415d3dbac1729bf59254caf128f69925063d6ea591cf9040

  • SHA512

    19e50c0c7672b191a63c7a64f14366e851633d586fc5b96fddae648895241b900aa195ef6cf91eee10f39aff8e472817ee2ee2198a9eb5b777e8cc41918c2acf

  • SSDEEP

    6144:K4y+bnr+Jp0yN90QEBcWGxBLXJGHA3BrudQUGTnIEZRC8blbWF40B3dIDT:0Mrpy90oWGncA3BGvoICRCYlM4W3dI/
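
Before detonating or sharing a sample, confirm that the file on disk is the one this report describes. The script below is an added example, not tria.ge code: it recomputes the MD5, SHA-1, SHA-256 and SHA-512 digests listed above with the Python standard library and reports any mismatch per algorithm (SSDEEP is a fuzzy hash that `hashlib` cannot compute, so it is left out). The `sample.bin` path in the usage stub is a placeholder.

```python
import hashlib
from typing import Dict, Tuple

# Digests copied from the report's General section. SSDEEP is omitted because
# it is a context-triggered piecewise hash that hashlib does not implement.
REPORT_HASHES: Dict[str, str] = {
    "md5": "cee839d483ec9c78e683386fb104096a",
    "sha1": "f488dfafead30a7418691835f7e06cce1c1ea474",
    "sha256": "70b6b48bf784ae6b415d3dbac1729bf59254caf128f69925063d6ea591cf9040",
    "sha512": (
        "19e50c0c7672b191a63c7a64f14366e851633d586fc5b96fddae648895241b90"
        "0aa195ef6cf91eee10f39aff8e472817ee2ee2198a9eb5b777e8cc41918c2acf"
    ),
}


def compute_hashes(data: bytes) -> Dict[str, str]:
    """Lowercase hex digests of `data` for every algorithm the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORT_HASHES}


def verify_sample(
    data: bytes, expected: Dict[str, str] = REPORT_HASHES
) -> Dict[str, Tuple[str, str, bool]]:
    """Compare the sample bytes against the expected digests.

    Returns {algo: (expected, actual, match)} so a mismatch on a single
    algorithm (e.g. a truncated download) is visible rather than hidden
    behind one boolean.
    """
    actual = compute_hashes(data)
    return {
        algo: (exp.lower(), actual[algo], actual[algo] == exp.lower())
        for algo, exp in expected.items()
    }


def matches_report(data: bytes, expected: Dict[str, str] = REPORT_HASHES) -> bool:
    """True only when every listed digest matches."""
    return all(ok for _, _, ok in verify_sample(data, expected).values())


def verify_file(path: str, expected: Dict[str, str] = REPORT_HASHES):
    """Read a file from disk and verify it; the size is printed for comparison
    with the report's rounded 387KB figure."""
    with open(path, "rb") as fh:
        data = fh.read()
    print(f"{path}: {len(data)} bytes (~{round(len(data) / 1024)} KB)")
    return verify_sample(data, expected)


if __name__ == "__main__":
    # Placeholder path; replace with the downloaded sample. The file is not
    # shipped with this example.
    for algo, (exp, got, ok) in verify_file("sample.bin").items():
        print(f"{algo:6} {'OK ' if ok else 'BAD'} expected={exp} actual={got}")
```

Keep the comparison per algorithm: a collision on MD5 alone would not fool the SHA-256 check, and a file that fails every digest is usually a wrong or partial download rather than a tampered one.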

Malware Config

Targets

    • Target

      70b6b48bf784ae6b415d3dbac1729bf59254caf128f69925063d6ea591cf9040

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
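
The behavioural signatures listed above (Defender real-time protection tampering, the generic Windows security modification, Run-key persistence, and execution or loading of files the sample itself wrote) can be reproduced as rules over a sandbox event trace. The script below is an added example, not tria.ge's rule engine or the actual rule definitions: it evaluates simple registry, file and process rules over a constructed event list. The Defender value names are the documented policy values under `Real-Time Protection`; the file paths, value data and event format are hypothetical.

```python
import re
from typing import Dict, List, Tuple

# Constructed event trace in the shape a sandbox might emit: (type, subject,
# detail). Paths and value data are hypothetical, not taken from the report.
EVENTS: List[Tuple[str, str, str]] = [
    ("file_write", r"C:\Users\user\AppData\Local\Temp\svc_update.exe", ""),
    ("file_write", r"C:\Users\user\AppData\Local\Temp\helper.dll", ""),
    ("reg_set", r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender"
                r"\Real-Time Protection\DisableRealtimeMonitoring", "1"),
    ("reg_set", r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender"
                r"\Real-Time Protection\DisableBehaviorMonitoring", "1"),
    ("reg_set", r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svc_update",
                r"C:\Users\user\AppData\Local\Temp\svc_update.exe"),
    ("process_create", r"C:\Users\user\AppData\Local\Temp\svc_update.exe", ""),
    ("image_load", r"C:\Users\user\AppData\Local\Temp\helper.dll", ""),
    ("image_load", r"C:\Windows\System32\kernel32.dll", ""),
    # Benign registry write that none of the rules should match.
    ("reg_set", r"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer"
                r"\Advanced\Hidden", "1"),
]

# Documented DWORD values under ...\Windows Defender\Real-Time Protection;
# setting any of them to 1 weakens or disables real-time protection.
DEFENDER_DISABLE_VALUES = {
    "disablerealtimemonitoring",
    "disablebehaviormonitoring",
    "disableonaccessprotection",
    "disablescanonrealtimeenable",
    "disableioavprotection",
}
DEFENDER_RTP_KEY = re.compile(
    r"\\Microsoft\\Windows Defender\\Real-Time Protection\\(\w+)$", re.IGNORECASE
)
RUN_KEY = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\[^\\]+$", re.IGNORECASE
)

SIG_DEFENDER = "Modifies Windows Defender Real-time Protection settings"
SIG_RUN_KEY = "Adds Run key to start application"
SIG_DROPPED_EXE = "Executes dropped EXE"
SIG_DROPPED_DLL = "Loads dropped DLL"


def evaluate(events: List[Tuple[str, str, str]]) -> Dict[str, List[str]]:
    """Run the rules over the trace in order and return {signature: [evidence]}.

    'Dropped' means the path was the subject of an earlier file_write by the
    sample, so event order matters: a load before the write is not flagged.
    """
    hits: Dict[str, List[str]] = {}
    dropped = set()
    for etype, subject, detail in events:
        if etype == "file_write":
            dropped.add(subject.lower())
        elif etype == "reg_set":
            m = DEFENDER_RTP_KEY.search(subject)
            if m and m.group(1).lower() in DEFENDER_DISABLE_VALUES and detail.strip() == "1":
                hits.setdefault(SIG_DEFENDER, []).append(subject)
            elif RUN_KEY.search(subject):
                hits.setdefault(SIG_RUN_KEY, []).append(f"{subject} = {detail}")
        elif etype == "process_create" and subject.lower() in dropped:
            hits.setdefault(SIG_DROPPED_EXE, []).append(subject)
        elif etype == "image_load" and subject.lower() in dropped:
            hits.setdefault(SIG_DROPPED_DLL, []).append(subject)
    return hits


if __name__ == "__main__":
    for sig, evidence in evaluate(EVENTS).items():
        print(sig)
        for line in evidence:
            print("   ", line)
```

The Defender rule only fires when the value is set to 1; a write of 0 (re-enabling protection) is deliberately ignored, and the system DLL load is not flagged because the sample never wrote it.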

MITRE ATT&CK Enterprise v6

Tasks