General

  • Target

    06963107e2991f18b4ee70d8bcad3b3ef13166c1b1ee34993cba2208f7834d96.bin

  • Size

    746KB

  • Sample

    230506-y3myvadd6t

  • MD5

    6d42a5aa78213429190d0a0934dc6b24

  • SHA1

    fd3d8d238440a2fab9cb6d5a9a93c741e1f2d8bf

  • SHA256

    06963107e2991f18b4ee70d8bcad3b3ef13166c1b1ee34993cba2208f7834d96

  • SHA512

    b9722189ee2d67791996c6cfb182a52189c186b65e78df82ae9b4209faad150a9c41cc006dbd889a6d339fbbe18c3e216828dad963f66d53f9fc864431def0f6

  • SSDEEP

    12288:9y90WArweOkO4mzxdXHxmGtHwSONtTEFNgxGuaq9jcBtgXPl8iVuGf4fBV25rW:9ymkMSzjBftHwSONtTEFNg7kgXNFVlMt

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks