General

  • Target: 72609d7db9b41b0c1eb29b131f6e693be189e103a03157ab530ac845e37a20f7.bin
  • Size: 611KB
  • Sample: 230506-2fnhmsef3w
  • MD5: 204e166c754dda250602c6dbc17180de
  • SHA1: d073c88b97313982dd7b050b4068517e5db8a067
  • SHA256: 72609d7db9b41b0c1eb29b131f6e693be189e103a03157ab530ac845e37a20f7
  • SHA512: 3739476a8e4ab80f57f38f4f9a35a900bc026b19037e625fc9befafe2373b66ac6f7b3e9afe32dda465aef0d87f012306ed6f8482b7fb59645d6a090a79ffef6
  • SSDEEP: 12288:qy90MSMFAM8KvPs3Gld0aFHEVmxKqgSRUIiWhOJLwX:qy1SMnPPUWwmxfR9icOJMX

Malware Config

Targets

    • Detects Redline Stealer samples
      This rule detects the presence of Redline Stealer samples based on their unique strings.
    • Modifies Windows Defender Real-time Protection settings
    • RedLine
      RedLine Stealer is a malware family written in C#, first appearing in early 2020.
    • Executes dropped EXE
    • Loads dropped DLL
    • Windows security modification
    • Adds Run key to start application
