General

  • Target

    075de5873b4fbb3bd51f63e030d66a349d1c6e582961ad17809b6a7d71e69283.bin

  • Size

    702KB

  • Sample

    230506-2pnvrsdg57

  • MD5

    95a5b96020e2cc45ea7b0f376c13b055

  • SHA1

    7717072b0bdfb1dd9b0e7bb8a46f8e6b68ab124a

  • SHA256

    075de5873b4fbb3bd51f63e030d66a349d1c6e582961ad17809b6a7d71e69283

  • SHA512

    1c9d148c3d818416985501f973dbf2bf1b4dd9d0ae46abe004f802aafd6a274474774c960fac6671c3f6a24f146d1d54e802c61894dc1500e5841203c4248c51

  • SSDEEP

    12288:Uy90iWbevzP2bGG03AK2tkxRNY8jV4DbQlt1DEG2Vo9wJrfb7X8KJoVpX:Uy/0e720/2uNYj/K14GRwBDAKeVpX

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks