General

  • Target

    06c5d28afa1db33d1ffeeb1c3ac882dcbb497fa6a263bbb1adb1227fdc172f34

  • Size

    707KB

  • Sample

    230506-y3vzfsdd7z

  • MD5

    eea516911c040a3232afdb61533cb10b

  • SHA1

    3928c44a1c8b7064494d469c1c95e77c48d23ef9

  • SHA256

    06c5d28afa1db33d1ffeeb1c3ac882dcbb497fa6a263bbb1adb1227fdc172f34

  • SHA512

    71174674a611c708e89b333e75d5bdaacb215f5da6592b4705c8403f5a885c636fa0a6a616e33dbf26ba2e3d70c0ef9dcc91d7452ac46c4e718a7fe79e011faa

  • SSDEEP

    12288:aMrXy90RYpaGc1N2ZN1y/Rl7rn7TUZdvOprelaTaXEDHZ5u74dYqFSmW:1yRaGR1yJhAZd2pClaTd95u0dY7mW

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
