General

  • Target

    36651de7a4d7ab0b0b0ccdb3d109d6774d61fda49f90803520cfb129bdea6c73

  • Size

    480KB

  • Sample

    230506-z6qpkshe8w

  • MD5

    abdaf8c4d1ca10508f21f22884488fcc

  • SHA1

    dbc1180675603091a1be4f77e4e7dfe63c4beb14

  • SHA256

    36651de7a4d7ab0b0b0ccdb3d109d6774d61fda49f90803520cfb129bdea6c73

  • SHA512

    c8f53b5dbf44fe9d4eb9277365f1a1d05a53c4019a0072da13b29c496b58da2b755ff794d95f8dba07b30688df34c92f8775a8e10fa33655f36a9f57555e3e9e

  • SSDEEP

    12288:3Mr1y90vNzCUjEuLVACmVOb/nAJYAiWD:2y+McmwbHaD

Malware Config

Targets

    • Target

      36651de7a4d7ab0b0b0ccdb3d109d6774d61fda49f90803520cfb129bdea6c73

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
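
Two of the signatures above, "Adds Run key to start application" and "Modifies Windows Defender Real-time Protection settings", are the ones a responder can verify directly on a host. The script below is an added example, not part of the tria.ge report or its signature set: a read-only triage pass that lists Run/RunOnce autostart entries, hashes what they point at against this report's SHA256, and reports any Defender real-time protection value that has been switched off. Assumptions: the registry locations and Defender policy value names are the standard Windows ones (the report does not say which specific key or value the sample wrote), and the "user-writable directory" heuristic is the author's, not something the sandbox asserts. Run it from an elevated PowerShell on the suspect machine or a mounted VM snapshot.

```powershell
# Added example (not tria.ge code): read-only host triage for the Run-key and
# Defender RTP behaviours flagged in the report. Requires an elevated session.

# SHA256 of the sample from this report (uppercase to match Get-FileHash output)
$KnownBadSha256 = @('36651DE7A4D7AB0B0B0CCDB3D109D6774D61FDA49F90803520CFB129BDEA6C73')

# Standard autostart locations (assumption: the report does not name the exact key used)
$RunKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Assumed heuristic: autoruns that point into user-writable directories deserve a look
$UserWritableRoots = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA,
                       "$env:USERPROFILE\Downloads", 'C:\Users\Public', 'C:\ProgramData')

function Get-RunKeyEntries {
    foreach ($key in $RunKeys) {
        if (-not (Test-Path -Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -like 'PS*') { continue }   # skip PSPath/PSProvider provider noise
            $cmd = [string]$p.Value
            # Pull the executable out of a quoted or unquoted command line
            $exe = if ($cmd -match '^\s*"([^"]+)"') { $Matches[1] } else { ($cmd -split '\s+')[0] }
            $exe = [Environment]::ExpandEnvironmentVariables($exe)
            $exists = ($exe -ne '') -and (Test-Path -LiteralPath $exe -PathType Leaf)
            $sha256 = if ($exists) { (Get-FileHash -LiteralPath $exe -Algorithm SHA256).Hash } else { $null }
            $inUserDir = $UserWritableRoots | Where-Object {
                $_ -and $exe.StartsWith($_, [System.StringComparison]::OrdinalIgnoreCase)
            }
            [pscustomobject]@{
                Key          = $key
                Name         = $p.Name
                Command      = $cmd
                Executable   = $exe
                Exists       = $exists
                UserWritable = [bool]$inUserDir
                KnownBad     = ($null -ne $sha256) -and ($sha256 -in $KnownBadSha256)
                SHA256       = $sha256
            }
        }
    }
}

# Defender real-time protection values that disable a protection component when set to 1
$RtpDisableValues = 'DisableRealtimeMonitoring', 'DisableBehaviorMonitoring',
                    'DisableOnAccessProtection', 'DisableScanOnRealtimeEnable',
                    'DisableIOAVProtection'

function Get-DefenderRtpTampering {
    $keys = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection',
            'HKLM:\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection'
    foreach ($key in $keys) {
        if (-not (Test-Path -Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($v in $RtpDisableValues) {
            $data = $props.$v
            if ($null -ne $data -and $data -ne 0) {
                [pscustomobject]@{ Key = $key; Value = $v; Data = $data }
            }
        }
    }
    # Cross-check the effective state, which is what the engine actually enforces
    if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
        $status = Get-MpComputerStatus
        if (-not $status.RealTimeProtectionEnabled) {
            [pscustomobject]@{ Key = 'Get-MpComputerStatus'; Value = 'RealTimeProtectionEnabled'; Data = $false }
        }
    }
}

Write-Host '== Run/RunOnce autostart entries =='
Get-RunKeyEntries | Format-Table Key, Name, Executable, Exists, UserWritable, KnownBad -AutoSize

Write-Host '== Defender real-time protection overrides =='
$findings = @(Get-DefenderRtpTampering)
if ($findings.Count -eq 0) { Write-Host 'none found' } else { $findings | Format-Table -AutoSize }
```

The registry read and the `Get-MpComputerStatus` call are deliberately both present: a policy value under `HKLM\SOFTWARE\Policies` survives a reboot and is what a persistence-minded stealer writes, while the effective-state query catches an in-memory toggle that has not (yet) been written to the registry. A hit on `KnownBad` confirms the dropped EXE named in this report; a `UserWritable` hit with a different hash is only a lead and needs the file hashed and submitted for its own verdict.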

MITRE ATT&CK Enterprise v6

Tasks