General

  • Target

    build.exe

  • Size

    95KB

  • Sample

    231005-bg88mahh27

  • MD5

    2f7437082c6e4244eb16e2f9c450905a

  • SHA1

    cf818d29cd0010daf612beec6e765c1ed7e6750d

  • SHA256

    5edfb5f547dada1f80638d11703a1a83ae6421842170fa0e901d24be245a7628

  • SHA512

    9001773e20da17e815c0ada24776c97a0003942bae1a56e063da7767c7a5975cf13a0b7a1203a84310f8e48031fad410999a99d6f10e7ba87db06258fc7156b6

  • SSDEEP

    1536:1qsGfq+TmlbG6jejoigI/43Ywzi0Zb78ivombfexv0ujXyyed2W3tmulgS6pg:z0taY/+zi0ZbYe1g0ujyzd8g

Malware Config

Extracted

  • Family

    redline

  • Botnet

    cheat

  • C2

    127.0.0.1:4483

Targets

    • Target

      build.exe

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
