General

  • Target

    2c87d47fdffbbdd69ed71b3ba98343c5eb743549664ed4b6401db2f29c8de310.bin

  • Size

    1.0MB

  • Sample

    230506-zy5tjaef66

  • MD5

    c36a4caf5fcbe3d81eb54759ba82e976

  • SHA1

    a04bb9c3008d28cf4d5306786a87ff0e402f658a

  • SHA256

    2c87d47fdffbbdd69ed71b3ba98343c5eb743549664ed4b6401db2f29c8de310

  • SHA512

    1fc28d4d8b9b77be2505c6614dad283650257de26906802133b8e992e38d546a98eab68c9c4e733948caf222f8ac650ebd8443f02d64b9d0ecc62a94ff2b5e47

  • SSDEEP

    24576:QcIu58c6Od3W36hmxGaKc1HIcf0ErjxO+TtR1N2VRDrcG3:QmZ6Od3WqFaKc1Hh8ErdOWR1N2fDrc

Malware Config

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks