General

  • Target

    0ebe8a9382b07868ad1996d9c240b77b9162ac1172f19b2772560a385055361e.bin

  • Size

    1.2MB

  • Sample

    230506-y9vx2abg73

  • MD5

    01c3b428ef841c6d25d28790465b6074

  • SHA1

    afccf0aa1b20e68b74c8596163f1e01e02949158

  • SHA256

    0ebe8a9382b07868ad1996d9c240b77b9162ac1172f19b2772560a385055361e

  • SHA512

    8699e11e2e1e0cd0a3cba703a3d85fd04ebf80deb10e3930b819f5c375073f77488b0948e3b1eb4f32ef69f3df991ce7c784bf3cdf51335a82bece21cbd9ba4e

  • SSDEEP

    24576:dCbht9y/vN4jFVkUI4Hiew2ltipvLt87VLLLVxCwaUdw578ObN/4SYrnP4uO:dCz9uyy4Hrw2lt2CxxCwbdw57fQSG

Targets

    • Target

      0ebe8a9382b07868ad1996d9c240b77b9162ac1172f19b2772560a385055361e.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
