General

  • Target

    0ad417395aa118aed3d3b7a3a0185780c62defe77606f5c82f9f35189d0a8d2f.bin

  • Size

    1.2MB

  • Sample

    230506-y6yvhsbe22

  • MD5

    040da786631a25243976d24a86dc971f

  • SHA1

    66cf699fa4d91c5117a15896a39252a865edf98c

  • SHA256

    0ad417395aa118aed3d3b7a3a0185780c62defe77606f5c82f9f35189d0a8d2f

  • SHA512

    d59b969befeed95ccc0b56ad7ba6c0e6a6d895c4634f740438b16f035b2e27b90eb204b67a8efce9cb3cca76fefaad645d22b6a30692f15d4437526b82288b78

  • SSDEEP

    24576:AJTQ1MCZCJyl7wU5zv38snXz/fbJufQkK/DmkzG66jWSZ2dAA7Ul26:AJWM1m775zv3VXDtIQgkzG6Lm2D7Ul2

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks