Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

3104452519...94.exe

windows7-x64

7

3104452519...94.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3104452519098577043aa6b07ce22cd41447a3807c96f2037090185ae62bf194

  • Size

    600KB

  • Sample

    230506-z24ewahb21

  • MD5

    7f879c5078f21fe470e3aae4f7a242c8

  • SHA1

    d6be024f66129ce6eb455874776d2a4b87c5ad3c

  • SHA256

    3104452519098577043aa6b07ce22cd41447a3807c96f2037090185ae62bf194

  • SHA512

    cdd89a235aa898187f10c1b8f1cf357623d5d1930f8d777d318cfa9e8cbc2ab26afb6663e47d7685b10863546a1a0e85aea2920fdd9892ce383d9c79178a1a36

  • SSDEEP

    12288:rMruy90ZAhzXWg0ywSav9BGEZqj1u90Helkn/pFh/JRS21JVUVZo:ZyD0yGVEEZqhe0HeOn/p3/TD1J2no

Score
10/10
redlineinfostealerpersistencestealer

Malware Config

Targets

    • Target

      3104452519098577043aa6b07ce22cd41447a3807c96f2037090185ae62bf194

    • Size

      600KB

    • MD5

      7f879c5078f21fe470e3aae4f7a242c8

    • SHA1

      d6be024f66129ce6eb455874776d2a4b87c5ad3c

    • SHA256

      3104452519098577043aa6b07ce22cd41447a3807c96f2037090185ae62bf194

    • SHA512

      cdd89a235aa898187f10c1b8f1cf357623d5d1930f8d777d318cfa9e8cbc2ab26afb6663e47d7685b10863546a1a0e85aea2920fdd9892ce383d9c79178a1a36

    • SSDEEP

      12288:rMruy90ZAhzXWg0ywSav9BGEZqj1u90Helkn/pFh/JRS21JVUVZo:ZyD0yGVEEZqhe0HeOn/p3/TD1J2no

    Score
    10/10
    persistenceredlineinfostealerstealer

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

      stealer

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

      infostealerredline

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks