General

  • Target

    185120ad49807c35f915dcf431450a50098210c6f46a671dcad18ec3469f8000.bin

  • Size

    990KB

  • Sample

    230506-zgn5fscf74

  • MD5

    43d24568da0796b45cf85ce131bfaca1

  • SHA1

    70d5941d35f9b38c61047f95d65b47e7fa7c2c2b

  • SHA256

    185120ad49807c35f915dcf431450a50098210c6f46a671dcad18ec3469f8000

  • SHA512

    58163f9b5c83d924eb040a54fbb47353787cb5305523c57f9c59ed28ef5a000a75f4d8c3f812aee0de665f3db526c9f9eb466c2b687dfe3276a61f22eb423c8c

  • SSDEEP

    24576:5nUoY7pfy8Yg7Q7TsRZcKeD2Mzlnk+IY8Mlf:M7By87STskKefd5

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
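
The two signatures above that a defender can act on directly are the Windows Defender Real-time Protection tampering and the Run-key persistence. As an added example (not part of the Triage report and not the sandbox's own signature logic), the Python below flags both behaviours when run over Sysmon-style registry SetValue events (Event ID 13). The event lines are constructed for the demonstration, the field layout (EventID|Image|TargetObject|Details) is a simplification of Sysmon's output, and the file names in them are invented; the registry paths themselves are the genuine Defender policy values and the standard Run keys.

```python
"""Flag Defender real-time-protection tampering and Run-key persistence
in Sysmon-style registry SetValue events (Event ID 13).

Added example for this report. The SAMPLE_EVENTS lines are constructed,
not taken from the sandbox run; the registry paths are the real Windows
Defender policy values and the standard Run / RunOnce keys.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# Defender policy values that, when set to a non-zero DWORD, switch the
# named protection off. These are the keys the "Modifies Windows Defender
# Real-time Protection settings" signature watches.
DEFENDER_RTP_VALUES = {
    r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring",
    r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableBehaviorMonitoring",
    r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableOnAccessProtection",
    r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableScanOnRealtimeEnable",
    r"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\DisableAntiSpyware",
}

# Autostart locations behind the "Adds Run key to start application"
# signature. Sysmon records per-user hives as HKU\<SID>\..., so accept
# HKLM, HKCU and HKU\<SID>, with or without Wow6432Node, Run or RunOnce.
RUN_KEY_RE = re.compile(
    r"^HK(?:LM|CU|U\\[^\\]+)\\Software\\(?:Wow6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?\\[^\\]+$",
    re.IGNORECASE,
)

# Constructed events: EventID|Image|TargetObject|Details
SAMPLE_EVENTS = """\
13|C:\\Users\\user\\AppData\\Local\\Temp\\drop.exe|HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Real-Time Protection\\DisableRealtimeMonitoring|DWORD (0x00000001)
13|C:\\Users\\user\\AppData\\Local\\Temp\\drop.exe|HKU\\S-1-5-21-1111-2222-3333-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater|C:\\Users\\user\\AppData\\Roaming\\svc.exe
13|C:\\Windows\\System32\\svchost.exe|HKLM\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Real-Time Protection\\DisableRealtimeMonitoring|DWORD (0x00000000)
13|C:\\Windows\\explorer.exe|HKU\\S-1-5-21-1111-2222-3333-1001\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden|DWORD (0x00000001)
12|C:\\Users\\user\\AppData\\Local\\Temp\\drop.exe|HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\Foo|
"""


@dataclass(frozen=True)
class Finding:
    technique: str   # "defender_rtp_disabled" or "run_key_persistence"
    image: str       # process that wrote the value
    target: str      # full registry path of the value
    details: str     # value data as Sysmon renders it


def dword_value(details: str) -> Optional[int]:
    """Parse Sysmon's 'DWORD (0x00000001)' rendering; None for non-DWORD data."""
    m = re.search(r"DWORD \(0x([0-9A-Fa-f]{8})\)", details)
    return int(m.group(1), 16) if m else None


def analyse(events: str) -> List[Finding]:
    """Return one Finding per event that matches either behaviour."""
    findings: List[Finding] = []
    defender = {v.lower() for v in DEFENDER_RTP_VALUES}
    for line in events.splitlines():
        if not line.strip():
            continue
        event_id, image, target, details = line.split("|", 3)
        if event_id != "13":
            continue  # only SetValue events carry written data
        if target.lower() in defender:
            # A non-zero DWORD disables the feature; writing 0 re-enables
            # it (e.g. policy refresh) and is not tampering.
            if dword_value(details):
                findings.append(Finding("defender_rtp_disabled", image, target, details))
        elif RUN_KEY_RE.match(target):
            findings.append(Finding("run_key_persistence", image, target, details))
    return findings


if __name__ == "__main__":
    for f in analyse(SAMPLE_EVENTS):
        print(f"[{f.technique}] {f.image} -> {f.target} = {f.details}")
```

Run against the constructed events, the first two lines are flagged (the dropped executable disabling real-time monitoring, then registering itself under the user's Run key); the policy write of 0, the unrelated Explorer setting and the Event ID 12 key creation are ignored. Point `analyse` at exported Sysmon events in the same four-field layout to use it on real data.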
