General

  • Target

    5a115ce1728a979b13bd527b4b3882aa

  • Size

    396KB

  • Sample

    231226-hdn7lshae6

  • MD5

    5a115ce1728a979b13bd527b4b3882aa

  • SHA1

    273f1a1915b442eaa179b292a725a0d95dc023eb

  • SHA256

    252ace27adb191fc5b0635a7cf2a96fc96957ee523911b2c44837afbcaf56779

  • SHA512

    b58ae1946ec98d3e971099a1c8382070fce6bb6a95835d85e96121facf4eeeee1d306b84c2e655e8bb97b13aaf58d9a310bc3842de89fc91a70660759d71802a

  • SSDEEP

    6144:CMRyuNIzPNMWgO+a66q3GT7NkPJXkSt1KbbL7rnhYoTKLxzOxdiFVkUn9hppsczp:NtNIb2Wn+a660Xz0HL/CuKLo0FbJnzp

Malware Config

Extracted

  • Family

    redline

  • Botnet

    CUC

  • C2

    185.215.113.45:41009

Targets

    • Target

      5a115ce1728a979b13bd527b4b3882aa

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
