General

  • Target

    02a95b4835016a5f0cb57e1429569bfa.exe.bin

  • Size

    747KB

  • Sample

    230506-yyxbqada2v

  • MD5

    02a95b4835016a5f0cb57e1429569bfa

  • SHA1

    a6cc2171275faafa07b71ed1f05d69e459de4ec2

  • SHA256

    8e1fde8738b3f83e7e01465a26d198229055664810dcc2342ed53771d6898b9f

  • SHA512

    02237be0baf5d7428d727ac208d5bbcdda2e7647dc59326486c495f719cf82ccca5c62a3187438b2c952bc13396296b819345a0fcae6a3ced2855f11acb275a3

  • SSDEEP

    12288:vy90AYpyJiVwF2vW1Gutmz6bGJM1NcU7NYpuDED2Rbe4wVTa4DF:vyAyN2vGbmwATU7NK0ocbeZVmS

Malware Config

Targets

    • Target

      02a95b4835016a5f0cb57e1429569bfa.exe.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
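The two behaviours flagged above that leave the clearest host artefacts are the Defender real-time protection tampering and the Run-key autostart. The following is an added example, not code from tria.ge or from the report, of how an analyst might turn those signature names into detection logic over registry-write telemetry. It assumes Sysmon-style Event ID 13 (value set) records flattened into tab-separated field=value lines; the event lines, the sample path and the dropped-file path are constructed for the example, while the Defender value names are the real ones under the Real-Time Protection key.

```python
import re
from dataclasses import dataclass

# Registry locations behind the two signatures: Defender real-time protection
# settings, and the per-user / per-machine Run and RunOnce autostart keys.
DEFENDER_RTP_KEY = re.compile(
    r"\\Microsoft\\Windows Defender\\Real-Time Protection$", re.IGNORECASE)
DEFENDER_RTP_VALUES = {
    "disablerealtimemonitoring",
    "disablebehaviormonitoring",
    "disableioavprotection",
    "disableonaccessprotection",
    "disablescanonrealtimeenable",
}
RUN_KEY = re.compile(
    r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?$", re.IGNORECASE)
DWORD_DATA = re.compile(r"DWORD \((0x[0-9a-fA-F]+)\)")

# Constructed events (not sandbox output). Field layout is an assumption:
# "field=value" pairs separated by tabs, one Sysmon registry event per line.
SAMPLE = "C:\\Users\\user\\AppData\\Local\\Temp\\sample.exe"
SAMPLE_EVENTS = [
    # Real-time monitoring and behaviour monitoring switched off: alert.
    f"EventID=13\tImage={SAMPLE}\tTargetObject=HKLM\\SOFTWARE\\Microsoft\\Windows Defender\\Real-Time Protection\\DisableRealtimeMonitoring\tDetails=DWORD (0x00000001)",
    f"EventID=13\tImage={SAMPLE}\tTargetObject=HKLM\\SOFTWARE\\Microsoft\\Windows Defender\\Real-Time Protection\\DisableBehaviorMonitoring\tDetails=DWORD (0x00000001)",
    # Run key pointing at a dropped copy under AppData: alert.
    f"EventID=13\tImage={SAMPLE}\tTargetObject=HKU\\S-1-5-21-1000\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater\tDetails=C:\\Users\\user\\AppData\\Roaming\\Updater\\upd.exe",
    # Same value written back to 0 (re-enabling protection): no alert.
    "EventID=13\tImage=C:\\Program Files\\Windows Defender\\MsMpEng.exe\tTargetObject=HKLM\\SOFTWARE\\Microsoft\\Windows Defender\\Real-Time Protection\\DisableRealtimeMonitoring\tDetails=DWORD (0x00000000)",
    # Key creation (Event 12) and an unrelated value set: no alert.
    f"EventID=12\tImage={SAMPLE}\tTargetObject=HKU\\S-1-5-21-1000\\Software\\Updater\tEventType=CreateKey",
    "EventID=13\tImage=C:\\Windows\\System32\\svchost.exe\tTargetObject=HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters\\DhcpNameServer\tDetails=10.0.0.1",
]


@dataclass(frozen=True)
class Finding:
    rule: str     # which behaviour matched
    image: str    # process that performed the write
    target: str   # full registry path including the value name
    data: str     # data written, as recorded in the event


def parse_event(line):
    """Split one tab-separated field=value line into a dict."""
    return dict(part.split("=", 1) for part in line.split("\t"))


def split_target(target):
    """Separate a Sysmon TargetObject into (key path, value name)."""
    key, _, value = target.rpartition("\\")
    return key, value


def dword_value(details):
    """Extract the integer from a Sysmon 'DWORD (0x...)' Details field, else None."""
    m = DWORD_DATA.search(details)
    return int(m.group(1), 16) if m else None


def detect(lines):
    """Return Findings for Defender tampering and Run-key persistence."""
    findings = []
    for line in lines:
        ev = parse_event(line)
        if ev.get("EventID") != "13":      # only value-set events carry data
            continue
        key, value = split_target(ev["TargetObject"])
        image, details = ev.get("Image", ""), ev.get("Details", "")
        if DEFENDER_RTP_KEY.search(key) and value.lower() in DEFENDER_RTP_VALUES:
            # A non-zero DWORD disables the feature; a write of 0 re-enables it
            # and is what Defender itself or an admin would do, so skip it.
            if dword_value(details) not in (None, 0):
                findings.append(Finding("defender_rtp_disabled", image,
                                        ev["TargetObject"], details))
        elif RUN_KEY.search(key):
            findings.append(Finding("run_key_persistence", image,
                                    ev["TargetObject"], details))
    return findings


if __name__ == "__main__":
    for f in detect(SAMPLE_EVENTS):
        print(f"{f.rule:24} {f.image} -> {f.target} = {f.data}")
```

The zero-data check matters in practice: Defender and Group Policy write these same values legitimately, so alerting on the key path alone produces noise; alerting on a non-zero Disable* write from a process outside the Defender directory is the signal the signature name describes.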

MITRE ATT&CK Enterprise v6

Tasks