General
Target: 075447ce64e305c8bb32c41a2cf5102f55803f76a2e6b52df991c489b01f9e82
Size: 479KB
Sample: 230506-2pmygaff5x
MD5: 5577147c5b1aa1dd66b5b84982cf3ac8
SHA1: e4ab9506f13992d220905a63757b9e2c8b620cff
SHA256: 075447ce64e305c8bb32c41a2cf5102f55803f76a2e6b52df991c489b01f9e82
SHA512: b1b9d057d9ea4a45fb7f27a6ac0a6450f9f4ddfbcfbeb47e4b46a8b4e81add0236b10f128af19d7b15094834eb959691dfc71a53e01f007c4ca4b85cd0a588ab
SSDEEP: 12288:GMrfy90tmBpUQZuTzDMoDYmO6aW81OGDXGmRvJURd0uO+i:ByxpZZuIIWTh1OUWrdli
Static task
static1
Behavioral task
behavioral1
Sample
075447ce64e305c8bb32c41a2cf5102f55803f76a2e6b52df991c489b01f9e82.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
075447ce64e305c8bb32c41a2cf5102f55803f76a2e6b52df991c489b01f9e82.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Executes dropped EXE
Loads dropped DLL
Adds Run key to start application