General

  • Target

    16e33753cbc1526c31a7bfb70f89cdfa4a7bf3d0526e954b6703e3132ed75f85.bin

  • Size

    690KB

  • Sample

    230506-zfmj8seg6y

  • MD5

    d488ae7600e6c8ef1df2897a26595fd2

  • SHA1

    63a3bf8c5584f35f5921cb6cb777ef865887685e

  • SHA256

    16e33753cbc1526c31a7bfb70f89cdfa4a7bf3d0526e954b6703e3132ed75f85

  • SHA512

    8e1a66fb27ba36708e53fc84a8f238c9d8586a70c8b1b2ed2b6b0e2a4d210ce8d767e9942da810adc1d004898dacde22e30c94fa4d37469424eb2d4155406a66

  • SSDEEP

    12288:uy90otjAvB4o6bUcyR9ZjIjQvLJxeexUwEUGes04vC2ymO4tErGLEgb:uylo7G2LJxJTSR62yfGErFgb

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
