Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
185120ad49807c35f915dcf431450a50098210c6f46a671dcad18ec3469f8000.bin
-
Size
990KB
-
Sample
230506-zgn5fscf74
-
MD5
43d24568da0796b45cf85ce131bfaca1
-
SHA1
70d5941d35f9b38c61047f95d65b47e7fa7c2c2b
-
SHA256
185120ad49807c35f915dcf431450a50098210c6f46a671dcad18ec3469f8000
-
SHA512
58163f9b5c83d924eb040a54fbb47353787cb5305523c57f9c59ed28ef5a000a75f4d8c3f812aee0de665f3db526c9f9eb466c2b687dfe3276a61f22eb423c8c
-
SSDEEP
24576:5nUoY7pfy8Yg7Q7TsRZcKeD2Mzlnk+IY8Mlf:M7By87STskKefd5
Malware Config
Targets
-
-
Target
185120ad49807c35f915dcf431450a50098210c6f46a671dcad18ec3469f8000.bin
-
Size
990KB
-
MD5
43d24568da0796b45cf85ce131bfaca1
-
SHA1
70d5941d35f9b38c61047f95d65b47e7fa7c2c2b
-
SHA256
185120ad49807c35f915dcf431450a50098210c6f46a671dcad18ec3469f8000
-
SHA512
58163f9b5c83d924eb040a54fbb47353787cb5305523c57f9c59ed28ef5a000a75f4d8c3f812aee0de665f3db526c9f9eb466c2b687dfe3276a61f22eb423c8c
-
SSDEEP
24576:5nUoY7pfy8Yg7Q7TsRZcKeD2Mzlnk+IY8Mlf:M7By87STskKefd5
Score10/10-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
Modifies Windows Defender Real-time Protection settings
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-