General

  • Target

    21a0d9848733e2ff99df508be706d562932695da05186fd52d832e2dc1fb1e84.bin

  • Size

    618KB

  • Sample

    230506-zrjygsdg33

  • MD5

    f4e2a3ad55df1a84fa32f2a3a396f75e

  • SHA1

    9e1c4f29d65a68c93599688c0b83de1fefade2b4

  • SHA256

    21a0d9848733e2ff99df508be706d562932695da05186fd52d832e2dc1fb1e84

  • SHA512

    d1667915ee72608e84f21afa33d829c274510e52ea656b75f17ecff70d6ca270083a87bfba90f1b705309a8e4763840ae1b022cac910c06ada3a309744840bee

  • SSDEEP

    12288:Qy90o5UfrRk63dq6vJI7FYfAPYRKhsVPTs2FQe6/qr9wl:QyR5qmCzvO5QKYYhsVPTs2y3

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks