
General

  • Target: 27af3faa9b75e9348cb64f222e12763155ef194b7ba10de66a0445594e1eebf3
  • Size: 491KB
  • Sample: 230506-zv43tsgc5v
  • MD5: 84a2c8c45478367a9461bd236b88e561
  • SHA1: 4e752eaf0d3cd5b1a32571901f4d586802941767
  • SHA256: 27af3faa9b75e9348cb64f222e12763155ef194b7ba10de66a0445594e1eebf3
  • SHA512: 1da02b574e1afc8f3539ab3b5b13a262e3eb64adc4db7b0b2b4b1f2369cd78340a721a01ffccdf592cd39d11f0f7a71a616dd29fb4511540f8af955a2b8c0765
  • SSDEEP: 12288:rMrqy90kcjOLe2jfDhzU+IrOQXJ3agqPn6z0L:dyvceewbhg+fQAf6z0L

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
