General

  • Target

    0808a60a9b8a4fbe55a0b7d7ada72f909a0225c2c7452ea583e8e506a2bde8a9.bin

  • Size

    643KB

  • Sample

    230506-y4w8xade6y

  • MD5

    e1268b122e981ea245e85dadaf52f39e

  • SHA1

    fabd95e3ec5274bc7f218266eafbef29e72c6845

  • SHA256

    0808a60a9b8a4fbe55a0b7d7ada72f909a0225c2c7452ea583e8e506a2bde8a9

  • SHA512

    ce27e1ec965449d419e0c0de024cbb807b814b2121f4e6acd35479f96096866c25aa8958424bf795c8bc5c76d06207283245914fa16a8ec4bd4e37aa2839cfab

  • SSDEEP

    12288:/y90qK14l8AHIrX7jSQXV8q3EuYkqtE/S+Pi1ghUrJ1:/yFMuOrlVMurqO/k1gWz

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
