General

  • Target

    3c85d0a5da2ae9fe759949a0feb70d3c

  • Size

    238KB

  • Sample

    240101-lpap5sfhck

  • MD5

    3c85d0a5da2ae9fe759949a0feb70d3c

  • SHA1

    d9a876190138699a8f28318b05ee6012e6f14fad

  • SHA256

    c99ef8b57dfc165a4b6a1e5db5ff1fabbd9582d7ede5c5a3c86f2933cab006a4

  • SHA512

    81cde77d2dbd16e6e1b665be6ef75dc6a027a936e078a5c1a5fdbb7787465f1ac8c6ba7df6f642f9bf0de9f6725e8ca7783ad8b3df4b25a2818bc6f56e338c80

  • SSDEEP

    6144:zeQhWVu/VUk7bVwmqMz8WHevNUKDdmUcy/Zf/enifLGsk9:zzwVu9UKZjzhNKDUUciXSsa

Malware Config

Extracted

Family

redline

C2

87.251.71.120:62788

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload
