General
Target: 302194ebde87a29004db7110ed3d44d2df485125376e9c49660089397933b981.bin
Size: 752KB
Sample: 230506-z2h4yaha5v
MD5: 1a19b9ee8370cd15514ed2b65076c96a
SHA1: 99ddc12f7c68d0192e08583b0d610b6d4e959e79
SHA256: 302194ebde87a29004db7110ed3d44d2df485125376e9c49660089397933b981
SHA512: f5a47a403d12a86ddf9256dd91cea074898f929bf65ce405ae6c4ff7421af5fac811446132226088d60dc0850079769885f3f5ce3b78e6d750328af1dd153c14
SSDEEP: 12288:Zy908FlsPgv88KPOOD/by6TjYW/8xd3UDWb6VvqmIXk:ZyxwDpDWUD/ulUSC1IXk
Static task: static1

Behavioral task: behavioral1
Sample: 302194ebde87a29004db7110ed3d44d2df485125376e9c49660089397933b981.exe
Resource: win7-20230220-en

Behavioral task: behavioral2
Sample: 302194ebde87a29004db7110ed3d44d2df485125376e9c49660089397933b981.exe
Resource: win10v2004-20230220-en
Targets
Detects Redline Stealer samples: This rule detects the presence of Redline Stealer samples based on their unique strings.
RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application