General
-
Target
075de5873b4fbb3bd51f63e030d66a349d1c6e582961ad17809b6a7d71e69283.bin
-
Size
702KB
-
Sample
230506-2pnvrsdg57
-
MD5
95a5b96020e2cc45ea7b0f376c13b055
-
SHA1
7717072b0bdfb1dd9b0e7bb8a46f8e6b68ab124a
-
SHA256
075de5873b4fbb3bd51f63e030d66a349d1c6e582961ad17809b6a7d71e69283
-
SHA512
1c9d148c3d818416985501f973dbf2bf1b4dd9d0ae46abe004f802aafd6a274474774c960fac6671c3f6a24f146d1d54e802c61894dc1500e5841203c4248c51
-
SSDEEP
12288:Uy90iWbevzP2bGG03AK2tkxRNY8jV4DbQlt1DEG2Vo9wJrfb7X8KJoVpX:Uy/0e720/2uNYj/K14GRwBDAKeVpX
Static task
static1
Behavioral task
behavioral1
Sample
075de5873b4fbb3bd51f63e030d66a349d1c6e582961ad17809b6a7d71e69283.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
075de5873b4fbb3bd51f63e030d66a349d1c6e582961ad17809b6a7d71e69283.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Target
075de5873b4fbb3bd51f63e030d66a349d1c6e582961ad17809b6a7d71e69283.bin
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-