General

  • Target

    3211e374b732c8d73f42b7ae20317bc134a05dfead28e6dd8da425df5bd479cf.bin

  • Size

    747KB

  • Sample

    230506-z3mhrahb71

  • MD5

    72a896d421d41c5913d3a2e42fda4717

  • SHA1

    e0bd15b47be605a799862d960a4c31cd0cf953ae

  • SHA256

    3211e374b732c8d73f42b7ae20317bc134a05dfead28e6dd8da425df5bd479cf

  • SHA512

    2bfba1e787411ce37b2cc0ffea1372d9f05e5733bb3babfa7b72730eda8d2ab36005a35514b87767fd02dd42ccb2e9984f963814e63c267150762cab9a3c15af

  • SSDEEP

    12288:+y90foOt5rdmHdqt0UWffvUa5qTpTCSp7Dd3RqUiLW/f2dmFcVvPkwJOB:+yeoOt5JmHYtTWfXUa5qTcYp3tCwGm6q

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
