General
Target: 00926b3d4f85269d529853c42e0dd129899316d787da8618a8e848f5a6f3ba11.bin
Size: 562KB
Sample: 230506-yww8yacg4v
MD5: 97c595cb66e1f6deec551420e3200b47
SHA1: a057ae45da59a8377be5657debbc4e3d1a258726
SHA256: 00926b3d4f85269d529853c42e0dd129899316d787da8618a8e848f5a6f3ba11
SHA512: 599738cd1eee0ca92abf95d755a4eb7a61f69ba7924c824079b990a0eb6f1e06bd92e66ece03d6a45090cad47a70824994c0906e2fa81547175ae77e927a888c
SSDEEP: 12288:7y90y2tPo9hlrUUqKXHUSNV4CzXEbaNI57DutqbYFweOFB:7y7rb0KX1V4+0aq8EbFe+
Static task: static1

Behavioral task: behavioral1
Sample: 00926b3d4f85269d529853c42e0dd129899316d787da8618a8e848f5a6f3ba11.exe
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: 00926b3d4f85269d529853c42e0dd129899316d787da8618a8e848f5a6f3ba11.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application