General
-
Target
3add8d9e8db10e1e547bf649ab685d9d941e17541164aa7d7971aa96bfe1caa5.bin
-
Size
745KB
-
Sample
230506-z9sncahh5y
-
MD5
8dc8dad544993e3ce28c5a379f65a8e5
-
SHA1
03a2e886652196d81d43481341b8ee60e4403ae2
-
SHA256
3add8d9e8db10e1e547bf649ab685d9d941e17541164aa7d7971aa96bfe1caa5
-
SHA512
ea3d05c1ee6cda020597e120d2c257c9f42ae6564358ffacae2ba79afa0a8da0ebe6372e269d9eb976d5e46c73eaefe194ff95273cc3dbed893ce5b2bc052b5a
-
SSDEEP
12288:wy90oDrRbVCeywfCk91G54VQhkt8qsh5QHYtAfJ9XwBt/XubQSpIWDL+Z:wyplgeywKk9854VQhk8qsvQHYQQ/XyWN
Static task
static1
Behavioral task
behavioral1
Sample
3add8d9e8db10e1e547bf649ab685d9d941e17541164aa7d7971aa96bfe1caa5.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
3add8d9e8db10e1e547bf649ab685d9d941e17541164aa7d7971aa96bfe1caa5.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Target
3add8d9e8db10e1e547bf649ab685d9d941e17541164aa7d7971aa96bfe1caa5.bin
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-