Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0495d1f62563f75dc67ecda28ee2dabc661231ca970384ca381de3c0fa05c43e
-
Size
559KB
-
Sample
230506-2k8z5sdd25
-
MD5
b38519a8f782c971c8e84c3635436558
-
SHA1
80ffc807405954bd1a5dde8f3768f7c281a4e1d0
-
SHA256
0495d1f62563f75dc67ecda28ee2dabc661231ca970384ca381de3c0fa05c43e
-
SHA512
be9e0f96733821304c286d3f7b41a6e54c36d29c0b4e526df98bf1a719017a932550b12fae7a6e193ba677f69fa3fc46bf75a4f666183b758aff492a13e42e15
-
SSDEEP
12288:9y90edrF7922Dh/pHnu6uv3Ecj/qDsINq4A082a5:9yDtFbxHduv03i2Q
Malware Config
Targets
-
-
Target
0495d1f62563f75dc67ecda28ee2dabc661231ca970384ca381de3c0fa05c43e
-
Size
559KB
-
MD5
b38519a8f782c971c8e84c3635436558
-
SHA1
80ffc807405954bd1a5dde8f3768f7c281a4e1d0
-
SHA256
0495d1f62563f75dc67ecda28ee2dabc661231ca970384ca381de3c0fa05c43e
-
SHA512
be9e0f96733821304c286d3f7b41a6e54c36d29c0b4e526df98bf1a719017a932550b12fae7a6e193ba677f69fa3fc46bf75a4f666183b758aff492a13e42e15
-
SSDEEP
12288:9y90edrF7922Dh/pHnu6uv3Ecj/qDsINq4A082a5:9yDtFbxHduv03i2Q
Score10/10-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
Modifies Windows Defender Real-time Protection settings
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-