General

  • Target

    1d9a6cde7f7b13c4eea0be144fb489df29f05597afa59cd00e643097c71947c4.bin

  • Size

    705KB

  • Sample

    230506-zl8dwsfd3s

  • MD5

    b9a0ecd9c9b3489dce22313b82a83ac9

  • SHA1

    73aa4c938bbfa44a4d276cd6ec3dba46a70e66b8

  • SHA256

    1d9a6cde7f7b13c4eea0be144fb489df29f05597afa59cd00e643097c71947c4

  • SHA512

    a721b25316c3cbe71cad2341fcc891a2ffb46f41ac31e9f8642424ebca392177a41f550969b13f25566683dc98dcdc44d41e3fd64b0b7ebc309445773880f51b

  • SSDEEP

    12288:Xyy90qxKp3rFSzr5l0PfcX7wRs3NynfCw+hOWlL1KR:CyLg9FSzriEw2Fjl2

Malware Config

Targets

    • Target

      1d9a6cde7f7b13c4eea0be144fb489df29f05597afa59cd00e643097c71947c4.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks