General

  • Target

    1ceb0fa1c52b3c56e438f441c30f53652374fb49683356172398459844d4ba14.bin

  • Size

    1.0MB

  • Sample

    230506-zlhs8sdb63

  • MD5

    61e12c04cd825276b1ee0ab3ea0dd061

  • SHA1

    499e8003ddac5a8601960051e97a19ae119c0ba4

  • SHA256

    1ceb0fa1c52b3c56e438f441c30f53652374fb49683356172398459844d4ba14

  • SHA512

    d64693643fbde638ca6921a519e7915e436f36525f6e1dbeda1aaaae19a35dabf75a2040390afe575fe9ab19c4d08bcd7fd273a3c13841ae411ab1c8d020e0d5

  • SSDEEP

    24576:dqw0OA/oz/04YtRHw/tOWaqbkCimjVkaHtSv8I+h:n0Obw4Yt6OQlimjV3tSvc

Malware Config

Targets

    • Detects Redline Stealer samples
      This rule detects the presence of RedLine Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine
      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
