General

  • Target

    3add8d9e8db10e1e547bf649ab685d9d941e17541164aa7d7971aa96bfe1caa5.bin

  • Size

    745KB

  • Sample

    230506-z9sncahh5y

  • MD5

    8dc8dad544993e3ce28c5a379f65a8e5

  • SHA1

    03a2e886652196d81d43481341b8ee60e4403ae2

  • SHA256

    3add8d9e8db10e1e547bf649ab685d9d941e17541164aa7d7971aa96bfe1caa5

  • SHA512

    ea3d05c1ee6cda020597e120d2c257c9f42ae6564358ffacae2ba79afa0a8da0ebe6372e269d9eb976d5e46c73eaefe194ff95273cc3dbed893ce5b2bc052b5a

  • SSDEEP

    12288:wy90oDrRbVCeywfCk91G54VQhkt8qsh5QHYtAfJ9XwBt/XubQSpIWDL+Z:wyplgeywKk9854VQhk8qsvQHYQQ/XyWN

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
