Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
064f64f786dca12c052b72854095d23ae28a5a0fff32f2458158a7c8ad386171.bin
-
Size
618KB
-
Sample
230506-2mse6sfd5z
-
MD5
95b4ed8d0970e066eeb69c015c020123
-
SHA1
6544bfff3a57ebcd77599eb071aac69b5b50393c
-
SHA256
064f64f786dca12c052b72854095d23ae28a5a0fff32f2458158a7c8ad386171
-
SHA512
4dfc5defb7cf5b7f78b83049791b9d113b450e8ceaac6836cb3442cc2f3b5f1bb2c4b3b790c8b0978c84992dcf60747dbb0b2cd7fd7457107e7b739b75cd15f0
-
SSDEEP
12288:Oy904wihH0OW3xIkaDVo2wj4H+N1yB2KCqD7OmnsT:OyHUvKoFtXlqDajT
Malware Config
Targets
-
-
Target
064f64f786dca12c052b72854095d23ae28a5a0fff32f2458158a7c8ad386171.bin
-
Size
618KB
-
MD5
95b4ed8d0970e066eeb69c015c020123
-
SHA1
6544bfff3a57ebcd77599eb071aac69b5b50393c
-
SHA256
064f64f786dca12c052b72854095d23ae28a5a0fff32f2458158a7c8ad386171
-
SHA512
4dfc5defb7cf5b7f78b83049791b9d113b450e8ceaac6836cb3442cc2f3b5f1bb2c4b3b790c8b0978c84992dcf60747dbb0b2cd7fd7457107e7b739b75cd15f0
-
SSDEEP
12288:Oy904wihH0OW3xIkaDVo2wj4H+N1yB2KCqD7OmnsT:OyHUvKoFtXlqDajT
Score10/10-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
Modifies Windows Defender Real-time Protection settings
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-