General
Target: 2dc744e64d4b1b9e4dfe408579228b90be28484abb9c59ea326269cb11e315cf.bin
Size: 1.1MB
Sample: 230506-zzr9tseg45
MD5: ad246420edbfa3b201927609651d8cc3
SHA1: 1837216d45093adc537c8327223b8e806c69c198
SHA256: 2dc744e64d4b1b9e4dfe408579228b90be28484abb9c59ea326269cb11e315cf
SHA512: 2d5dc85b80321cde2986031ffcbc7099d86608a0c33690c38b795737ad0157a5b0af4ecaad77544d8730d4972f80423c80a5d43f41280f1c676f5fdeade65120
SSDEEP: 24576:+y+NTfwOGYi5Md+QyWV1OW4ediXd6Frj8bj/ke:N+NTfw49jygOW4ednrIX
Static task: static1
Behavioral task: behavioral1
Sample: 2dc744e64d4b1b9e4dfe408579228b90be28484abb9c59ea326269cb11e315cf.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 2dc744e64d4b1b9e4dfe408579228b90be28484abb9c59ea326269cb11e315cf.exe
Resource: win10v2004-20230220-en
Malware Config
Targets
Detects Redline Stealer samples
This rule detects the presence of Redline Stealer samples based on their unique strings.

RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application