General
Target: 02a95b4835016a5f0cb57e1429569bfa.exe.bin
Size: 747KB
Sample: 230506-yyxbqada2v
MD5: 02a95b4835016a5f0cb57e1429569bfa
SHA1: a6cc2171275faafa07b71ed1f05d69e459de4ec2
SHA256: 8e1fde8738b3f83e7e01465a26d198229055664810dcc2342ed53771d6898b9f
SHA512: 02237be0baf5d7428d727ac208d5bbcdda2e7647dc59326486c495f719cf82ccca5c62a3187438b2c952bc13396296b819345a0fcae6a3ced2855f11acb275a3
SSDEEP: 12288:vy90AYpyJiVwF2vW1Gutmz6bGJM1NcU7NYpuDED2Rbe4wVTa4DF:vyAyN2vGbmwATU7NK0ocbeZVmS
Static task: static1
Behavioral task: behavioral1
Sample: 02a95b4835016a5f0cb57e1429569bfa.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 02a95b4835016a5f0cb57e1429569bfa.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
- Detects Redline Stealer samples: This rule detects the presence of Redline Stealer samples based on their unique strings.
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application