General
Target: 06c5d28afa1db33d1ffeeb1c3ac882dcbb497fa6a263bbb1adb1227fdc172f34
Size: 707KB
Sample: 230506-y3vzfsdd7z
MD5: eea516911c040a3232afdb61533cb10b
SHA1: 3928c44a1c8b7064494d469c1c95e77c48d23ef9
SHA256: 06c5d28afa1db33d1ffeeb1c3ac882dcbb497fa6a263bbb1adb1227fdc172f34
SHA512: 71174674a611c708e89b333e75d5bdaacb215f5da6592b4705c8403f5a885c636fa0a6a616e33dbf26ba2e3d70c0ef9dcc91d7452ac46c4e718a7fe79e011faa
SSDEEP: 12288:aMrXy90RYpaGc1N2ZN1y/Rl7rn7TUZdvOprelaTaXEDHZ5u74dYqFSmW:1yRaGR1yJhAZd2pClaTd95u0dY7mW

Static task: static1

Behavioral task: behavioral1
Sample: 06c5d28afa1db33d1ffeeb1c3ac882dcbb497fa6a263bbb1adb1227fdc172f34.exe
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: 06c5d28afa1db33d1ffeeb1c3ac882dcbb497fa6a263bbb1adb1227fdc172f34.exe
Resource: win10v2004-20230220-en

Malware Config
Targets
Score: 10/10

Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Executes dropped EXE
Loads dropped DLL
Adds Run key to start application