General
-
Target
1a87eb307b59442cc8357e10abe2bc51640c69af18c7c6c1d4271bdd519d4e80
-
Size
376KB
-
Sample
230506-zjh18ach79
-
MD5
ae5976d5f9b72f7051595d62d92398dc
-
SHA1
43ab360add906bc779d5e91edbaab23475182282
-
SHA256
1a87eb307b59442cc8357e10abe2bc51640c69af18c7c6c1d4271bdd519d4e80
-
SHA512
3dc417c7918d3f181b3b68d672ad8386e2dd3bf07922cd89023c0fc5850c334060b967f33a6e81085a56b70719d11235385fdd3bde785fa0d2304791dfb4950b
-
SSDEEP
6144:KBy+bnr+rp0yN90QESM4WbXtTqmrGjc//WzHxrlDiOEl4w8MlwurTc:zMr3y90EMhcmrf/+z3D6lxle
Static task
static1
Behavioral task
behavioral1
Sample
1a87eb307b59442cc8357e10abe2bc51640c69af18c7c6c1d4271bdd519d4e80.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
1a87eb307b59442cc8357e10abe2bc51640c69af18c7c6c1d4271bdd519d4e80.exe
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
1a87eb307b59442cc8357e10abe2bc51640c69af18c7c6c1d4271bdd519d4e80
-
Score
10/10
-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-