General

  • Target

    2118ba87b19ce14dcf1a7a155dbbf11b4ba321599e9161c97ff58e9fc4dcb6cb.bin

  • Size

    1.2MB

  • Sample

    230506-zq7m6afg6y

  • MD5

    0919b075f58b74f80db1b31fff072dec

  • SHA1

    185a81f97cfbbea7160487998203264343dc2c42

  • SHA256

    2118ba87b19ce14dcf1a7a155dbbf11b4ba321599e9161c97ff58e9fc4dcb6cb

  • SHA512

    2c14a6ff1e5779a6d6dc52b4c1be00439690b39ffbacf023ca9282306b955deb06f969124f6b54ecf1fbfceb55e5648bacca7ccdee05153c770d416e5d74cf78

  • SSDEEP

    24576:/YAVCfN05jEKvD1eqB6QLUIHZinS07gPUSko5622+s:/Y1NsVN654ZiE1ko5Q+
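Before working from this report, confirm that the file on disk is the same object the sandbox analysed. The following is an added example (not part of the tria.ge report or Hatching's code) that hashes a candidate file in one pass and compares every digest against the values listed above. The hash values are copied from the General section; the helper names and the chunk size are this example's own choices. SSDEEP is omitted because the Python standard library has no implementation of it.

```python
import hashlib
from typing import Dict

# Digests exactly as listed in the General section of this report.
REPORT_HASHES: Dict[str, str] = {
    "md5": "0919b075f58b74f80db1b31fff072dec",
    "sha1": "185a81f97cfbbea7160487998203264343dc2c42",
    "sha256": "2118ba87b19ce14dcf1a7a155dbbf11b4ba321599e9161c97ff58e9fc4dcb6cb",
    "sha512": (
        "2c14a6ff1e5779a6d6dc52b4c1be00439690b39ffbacf023ca9282306b955deb"
        "06f969124f6b54ecf1fbfceb55e5648bacca7ccdee05153c770d416e5d74cf78"
    ),
}


def _new_hashers() -> Dict[str, "hashlib._Hash"]:
    # One hasher per algorithm in the report, so the input is read only once.
    return {name: hashlib.new(name) for name in REPORT_HASHES}


def digest_bytes(data: bytes, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Compute md5/sha1/sha256/sha512 of an in-memory buffer, feeding it in chunks."""
    hashers = _new_hashers()
    for offset in range(0, len(data), chunk_size):
        chunk = data[offset:offset + chunk_size]
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Same as digest_bytes, but streams a file so large samples are not loaded whole."""
    hashers = _new_hashers()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def compare_to_report(digests: Dict[str, str],
                      expected: Dict[str, str] = REPORT_HASHES) -> Dict[str, bool]:
    """Per-algorithm match table; comparison is case-insensitive on the hex strings."""
    return {
        name: digests.get(name, "").lower() == value.lower()
        for name, value in expected.items()
    }


def matches_report(digests: Dict[str, str],
                   expected: Dict[str, str] = REPORT_HASHES) -> bool:
    """True only when every listed digest matches."""
    return all(compare_to_report(digests, expected).values())


if __name__ == "__main__":
    import sys
    # Usage: python verify_sample.py <path-to-candidate-file>
    result = digest_file(sys.argv[1])
    for name, ok in compare_to_report(result).items():
        print(f"{name:7s} {'MATCH' if ok else 'DIFF '} {result[name]}")
    print("sample matches report:", matches_report(result))
```

If the sha256 matches but one of the other digests does not, the most likely cause is a copy error in whichever IOC list you are comparing against, not a collision; re-check the transcription before discarding the sample.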

Malware Config

Targets

    • Target

      2118ba87b19ce14dcf1a7a155dbbf11b4ba321599e9161c97ff58e9fc4dcb6cb.bin

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
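Two of the behaviours flagged above, tampering with Windows Defender real-time protection and adding a Run key, are visible on a host as registry value writes and are worth turning into detection logic. The block below is an added example (not code from tria.ge or from this report) that scans Sysmon Event ID 13 (RegistryEvent: value set) style lines and raises a finding for each. The event lines are constructed for the example; the registry locations are the standard ones (the Defender policy values under Real-Time Protection, and the per-user and machine Run/RunOnce keys), and the ATT&CK technique IDs in the findings are the usual mappings for these behaviours, supplied here because the report's ATT&CK section is empty on this page. The line format, rule names and severities are this example's own assumptions.

```python
import re
from dataclasses import dataclass
from typing import Dict, List

# Constructed Sysmon Event ID 13 style lines (not from the report's task output).
# Line 1: Defender real-time monitoring switched off by a process in Temp.
# Line 2: that same binary registering itself under the user's Run key.
# Line 3: an unrelated service start-type change (benign noise).
# Line 4: Defender's own engine resetting the flag to 0 (must not fire).
SAMPLE_EVENTS = [
    r"EventID=13 Image=C:\Users\victim\AppData\Local\Temp\updater.exe "
    r"TargetObject=HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring "
    r"Details=DWORD (0x00000001)",
    r"EventID=13 Image=C:\Users\victim\AppData\Local\Temp\updater.exe "
    r"TargetObject=HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\Software\Microsoft\Windows\CurrentVersion\Run\updater "
    r"Details=C:\Users\victim\AppData\Local\Temp\updater.exe",
    r"EventID=13 Image=C:\Windows\System32\svchost.exe "
    r"TargetObject=HKLM\SYSTEM\CurrentControlSet\Services\Foo\Start "
    r"Details=DWORD (0x00000002)",
    r"EventID=13 Image=C:\Program Files\Windows Defender\MsMpEng.exe "
    r"TargetObject=HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring "
    r"Details=DWORD (0x00000000)",
]

# Policy values under ...\Windows Defender\Real-Time Protection that switch protection off
# when set to a non-zero DWORD.
DEFENDER_RTP_VALUES = (
    "DisableRealtimeMonitoring",
    "DisableBehaviorMonitoring",
    "DisableOnAccessProtection",
    "DisableScanOnRealtimeEnable",
    "DisableIOAVProtection",
)
DEFENDER_RTP_RE = re.compile(
    r"\\Windows Defender\\Real-Time Protection\\(" + "|".join(DEFENDER_RTP_VALUES) + r")$",
    re.IGNORECASE,
)
# Matches a value written directly under Run or RunOnce in any hive (HKCU, HKU\<SID>, HKLM).
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(Run|RunOnce)\\[^\\]+$", re.IGNORECASE
)
# Locations an unprivileged user can write to; a Run entry pointing there is the typical stealer pattern.
USER_WRITABLE_RE = re.compile(r"\\(AppData|Temp|ProgramData|Users\\Public)\\", re.IGNORECASE)
DWORD_RE = re.compile(r"DWORD \(0x([0-9a-f]{8})\)", re.IGNORECASE)


@dataclass
class Finding:
    rule: str
    technique: str   # ATT&CK technique ID
    severity: str
    image: str       # process that performed the write
    target: str      # registry path that was written


def parse_event(line: str) -> Dict[str, str]:
    """Split 'Key=Value Key=Value ...' into a dict. Values may contain spaces,
    so a value runs until the next ' Key=' token or end of line."""
    return dict(re.findall(r"(\w+)=(.*?)(?=\s+\w+=|$)", line))


def scan_events(lines: List[str]) -> List[Finding]:
    findings: List[Finding] = []
    for line in lines:
        ev = parse_event(line)
        if ev.get("EventID") != "13":
            continue
        image = ev.get("Image", "")
        target = ev.get("TargetObject", "")
        details = ev.get("Details", "")

        if DEFENDER_RTP_RE.search(target):
            # Only a non-zero value disables protection; a write of 0 re-enables it.
            m = DWORD_RE.search(details)
            if m and int(m.group(1), 16) != 0:
                findings.append(Finding("defender_realtime_disabled", "T1562.001",
                                        "high", image, target))
        elif RUN_KEY_RE.search(target):
            severity = "high" if USER_WRITABLE_RE.search(details) else "medium"
            findings.append(Finding("run_key_persistence", "T1547.001",
                                    severity, image, target))
    return findings


if __name__ == "__main__":
    for f in scan_events(SAMPLE_EVENTS):
        print(f"[{f.severity}] {f.rule} ({f.technique}) by {f.image} -> {f.target}")
```

The Defender rule keys on the value being non-zero rather than on which process wrote it, so a legitimate reset to 0 by the Defender engine is ignored without an allow-list; the Run-key rule escalates when the registered command points into a user-writable directory, which is where a dropped stealer binary usually lives.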

MITRE ATT&CK Enterprise v6

Tasks