General

  • Target

    2b52c099160f823946bb195e662c36a9f0938622d91be40d6d08a021c409b549.bin

  • Size

    674KB

  • Sample

    230506-zyemcaee72

  • MD5

    7f5d213cb5da614bae79dc55c5f7388d

  • SHA1

    1ef457921f68ce987eb83a020e594153f4a92873

  • SHA256

    2b52c099160f823946bb195e662c36a9f0938622d91be40d6d08a021c409b549

  • SHA512

    07caedbc460602331d898619700989ae3219d798196862045bb7ad83c9dd3955bdf31f8d2779ae8691cc320455e95bf4150085cd7de5af4e4f9cef4e39eace28

  • SSDEEP

    12288:Ay90G7cQB3i5iTkvy/YFhGxwPsk0gULPL4Kx8cr86oa7lw23qVh8ok:AyB753i5t6/YFIxwPsh/7L4KJxwwMxk

Targets

    • Detects Redline Stealer samples

      This rule detects the presence of Redline Stealer samples based on their unique strings.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application
