Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
27af3faa9b75e9348cb64f222e12763155ef194b7ba10de66a0445594e1eebf3
-
Size
491KB
-
Sample
230506-zv43tsgc5v
-
MD5
84a2c8c45478367a9461bd236b88e561
-
SHA1
4e752eaf0d3cd5b1a32571901f4d586802941767
-
SHA256
27af3faa9b75e9348cb64f222e12763155ef194b7ba10de66a0445594e1eebf3
-
SHA512
1da02b574e1afc8f3539ab3b5b13a262e3eb64adc4db7b0b2b4b1f2369cd78340a721a01ffccdf592cd39d11f0f7a71a616dd29fb4511540f8af955a2b8c0765
-
SSDEEP
12288:rMrqy90kcjOLe2jfDhzU+IrOQXJ3agqPn6z0L:dyvceewbhg+fQAf6z0L
Malware Config
Targets
-
-
Target
27af3faa9b75e9348cb64f222e12763155ef194b7ba10de66a0445594e1eebf3
-
Size
491KB
-
MD5
84a2c8c45478367a9461bd236b88e561
-
SHA1
4e752eaf0d3cd5b1a32571901f4d586802941767
-
SHA256
27af3faa9b75e9348cb64f222e12763155ef194b7ba10de66a0445594e1eebf3
-
SHA512
1da02b574e1afc8f3539ab3b5b13a262e3eb64adc4db7b0b2b4b1f2369cd78340a721a01ffccdf592cd39d11f0f7a71a616dd29fb4511540f8af955a2b8c0765
-
SSDEEP
12288:rMrqy90kcjOLe2jfDhzU+IrOQXJ3agqPn6z0L:dyvceewbhg+fQAf6z0L
Score10/10-
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.
-
Modifies Windows Defender Real-time Protection settings
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-