General

  • Target

    00926b3d4f85269d529853c42e0dd129899316d787da8618a8e848f5a6f3ba11.bin

  • Size

    562KB

  • Sample

    230506-yww8yacg4v

  • MD5

    97c595cb66e1f6deec551420e3200b47

  • SHA1

    a057ae45da59a8377be5657debbc4e3d1a258726

  • SHA256

    00926b3d4f85269d529853c42e0dd129899316d787da8618a8e848f5a6f3ba11

  • SHA512

    599738cd1eee0ca92abf95d755a4eb7a61f69ba7924c824079b990a0eb6f1e06bd92e66ece03d6a45090cad47a70824994c0906e2fa81547175ae77e927a888c

  • SSDEEP

    12288:7y90y2tPo9hlrUUqKXHUSNV4CzXEbaNI57DutqbYFweOFB:7y7rb0KX1V4+0aq8EbFe+

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
