General

  • Target

    1a87eb307b59442cc8357e10abe2bc51640c69af18c7c6c1d4271bdd519d4e80

  • Size

    376KB

  • Sample

    230506-zjh18ach79

  • MD5

    ae5976d5f9b72f7051595d62d92398dc

  • SHA1

    43ab360add906bc779d5e91edbaab23475182282

  • SHA256

    1a87eb307b59442cc8357e10abe2bc51640c69af18c7c6c1d4271bdd519d4e80

  • SHA512

    3dc417c7918d3f181b3b68d672ad8386e2dd3bf07922cd89023c0fc5850c334060b967f33a6e81085a56b70719d11235385fdd3bde785fa0d2304791dfb4950b

  • SSDEEP

    6144:KBy+bnr+rp0yN90QESM4WbXtTqmrGjc//WzHxrlDiOEl4w8MlwurTc:zMr3y90EMhcmrf/+z3D6lxle

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
