General
Target: 126d84e6be14384774285af86e4e8c139d5e2a60ab871c70af63d6632cd99899.bin
Size: 611KB
Sample: 230506-zcm2lacb87
MD5: 7d086131850c139d2df3a70db5eaa502
SHA1: 9893e4cf7d2066e792401ac0799eb5cf29584798
SHA256: 126d84e6be14384774285af86e4e8c139d5e2a60ab871c70af63d6632cd99899
SHA512: 58ca1ac62c87cd86654fe545d9afe570ab1cf953e5a71a2901c610622ce43d89f5d1d630fc157f311604fe9683ece59da195102d290108380a4d5794b0a6bd62
SSDEEP: 12288:1y90i8ALkfEdTiqhN/baGu08k8sOqgSbaIikNNN7yk:1yF8Mkfiiqh9bvmZsbbfikvwk
Static task: static1
Behavioral task: behavioral1
Sample: 126d84e6be14384774285af86e4e8c139d5e2a60ab871c70af63d6632cd99899.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 126d84e6be14384774285af86e4e8c139d5e2a60ab871c70af63d6632cd99899.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application