General

  • Target: 064f64f786dca12c052b72854095d23ae28a5a0fff32f2458158a7c8ad386171.bin

  • Size: 618KB

  • Sample: 230506-2mse6sfd5z

  • MD5: 95b4ed8d0970e066eeb69c015c020123

  • SHA1: 6544bfff3a57ebcd77599eb071aac69b5b50393c

  • SHA256: 064f64f786dca12c052b72854095d23ae28a5a0fff32f2458158a7c8ad386171

  • SHA512: 4dfc5defb7cf5b7f78b83049791b9d113b450e8ceaac6836cb3442cc2f3b5f1bb2c4b3b790c8b0978c84992dcf60747dbb0b2cd7fd7457107e7b739b75cd15f0

  • SSDEEP: 12288:Oy904wihH0OW3xIkaDVo2wj4H+N1yB2KCqD7OmnsT:OyHUvKoFtXlqDajT

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6
