General

  • Target

    126d84e6be14384774285af86e4e8c139d5e2a60ab871c70af63d6632cd99899.bin

  • Size

    611KB

  • Sample

    230506-zcm2lacb87

  • MD5

    7d086131850c139d2df3a70db5eaa502

  • SHA1

    9893e4cf7d2066e792401ac0799eb5cf29584798

  • SHA256

    126d84e6be14384774285af86e4e8c139d5e2a60ab871c70af63d6632cd99899

  • SHA512

    58ca1ac62c87cd86654fe545d9afe570ab1cf953e5a71a2901c610622ce43d89f5d1d630fc157f311604fe9683ece59da195102d290108380a4d5794b0a6bd62

  • SSDEEP

    12288:1y90i8ALkfEdTiqhN/baGu08k8sOqgSbaIikNNN7yk:1yF8Mkfiiqh9bvmZsbbfikvwk

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks