General
Target: 139ba7e1a5a9ade60989b7f5706ca4c955b3f8b9319b55ba1fafe5ca853d7b06.bin
Size: 1.1MB
Sample: 230506-zddvbacc72
MD5: 41b73dff8d93877bdd2086f92bf0dfa1
SHA1: f094b68ee9cd1b107e3d911b8cb7a2102f77283d
SHA256: 139ba7e1a5a9ade60989b7f5706ca4c955b3f8b9319b55ba1fafe5ca853d7b06
SHA512: aeda2b7f9b1799756070fc3954bd9ae7c03ac2f69dbdb269f33c24c982f1b4cd705f810bca0b6d6d4fbbd691e43d50fda4b94f653977f6b1ee19d5648e363eb1
SSDEEP: 24576:vycLG6X0dygp8crJqXQ3VqMjl6Fa78b8SZUZkby:6JCI8crkEF8agwub
Static task: static1
Behavioral task: behavioral1
Sample: 139ba7e1a5a9ade60989b7f5706ca4c955b3f8b9319b55ba1fafe5ca853d7b06.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 139ba7e1a5a9ade60989b7f5706ca4c955b3f8b9319b55ba1fafe5ca853d7b06.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application