General

  • Target

    0f71f1fbff25966bcd29e3fc27071d5b9b0679665359c83082ae0ff5df1cf9c6.bin

  • Size

    693KB

  • Sample

    230506-zajamaeb6y

  • MD5

    fc98537ded941c673d8addb2aacb0f68

  • SHA1

    31ab080a9cd3ce47c9cff7733a0d7d00a1d1c72d

  • SHA256

    0f71f1fbff25966bcd29e3fc27071d5b9b0679665359c83082ae0ff5df1cf9c6

  • SHA512

    7c320285104852d3910f641b7ba7c0ff4fa6a7bdad33b6074e6e59cc4aea86a8c448192e4c329630611db2e8650520dea03c347156a38d86e1009adc55dd99a1

  • SSDEEP

    12288:3y90RjZF+dOBLTe7pBQxSuU+vqYUPmlY2Ez7wzvpQ052:3yiNgdOMFBIhH5K2s77p

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks