General

  • Target

    73c6c588e1e97b13b7ba6f4c922c2d76

  • Size

    316KB

  • Sample

    240125-ff5k9sgfb8

  • MD5

    73c6c588e1e97b13b7ba6f4c922c2d76

  • SHA1

    9d1479c0cb6161d3f3cb59da7ebab105d087bf25

  • SHA256

    50d3b68fda2ef87e977cc92bc744516f5d9dc93c2e3f8b2020b695364a52eba9

  • SHA512

    317bc1d1dc41745c128b44f44ddf6a988e130b9edb9cdfd8094ddf3c752f68232d1dc1503d1ff081f6b0b7c1ea26f7d40b33a9a97872381afd374ed1df13ced1

  • SSDEEP

    6144:b6osaMuV1NcUybSsFtE4ZMAb45ogLXax8t9:Xs9uDNc3bSiE4CxTXLt9

Malware Config

Extracted

  • Family

    redline

  • Botnet

    scamne

  • C2

    209.54.104.19:21416
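The hashes and the extracted C2 above are the indicators an analyst would take from this report. The following is an added example (not part of the tria.ge report or of any project's code) that turns them into a small hunting script: it re-computes the four digests for a file and checks them against the report, and it scans connection-log lines for the C2. The log format (`dst=ip:port` fields) and the log lines themselves are constructed for the example.

```python
"""Hunt for the indicators in this tria.ge report: the sample's file hashes
and the RedLine C2 from its extracted config. Standard library only.
Example code written for this page; log format and log lines are constructed."""
import hashlib
import re
from typing import Dict, List, Tuple

# Indicators copied from the report.
SAMPLE_HASHES = {
    "md5": "73c6c588e1e97b13b7ba6f4c922c2d76",
    "sha1": "9d1479c0cb6161d3f3cb59da7ebab105d087bf25",
    "sha256": "50d3b68fda2ef87e977cc92bc744516f5d9dc93c2e3f8b2020b695364a52eba9",
    "sha512": (
        "317bc1d1dc41745c128b44f44ddf6a988e130b9edb9cdfd8094ddf3c752f6823"
        "2d1dc1503d1ff081f6b0b7c1ea26f7d40b33a9a97872381afd374ed1df13ced1"
    ),
}
C2 = "209.54.104.19:21416"

# Constructed connection-log format (assumption): "... dst=<ip>:<port> ...".
# The whole dotted quad is captured so that 209.54.104.190 is never read as a
# substring hit on 209.54.104.19.
DST_RE = re.compile(r"\bdst=(?P<dst>\d{1,3}(?:\.\d{1,3}){3}:\d+)")

# Constructed sample log: one exact C2 hit, one same-IP/other-port hit,
# one benign connection and one near-miss IP.
SAMPLE_LOG = [
    "2024-01-25T15:21:03Z host=WS01 proc=updater.exe dst=209.54.104.19:21416 bytes=4120",
    "2024-01-25T15:21:09Z host=WS01 proc=chrome.exe dst=142.250.74.78:443 bytes=88120",
    "2024-01-25T15:23:41Z host=WS02 proc=updater.exe dst=209.54.104.19:443 bytes=512",
    "2024-01-25T15:24:00Z host=WS03 proc=svchost.exe dst=209.54.104.190:21416 bytes=12",
]


def compute_digests(data: bytes) -> Dict[str, str]:
    """Hex MD5, SHA-1, SHA-256 and SHA-512 of a file's bytes."""
    return {name: hashlib.new(name, data).hexdigest() for name in SAMPLE_HASHES}


def hash_match(data: bytes) -> List[str]:
    """Names of the algorithms whose digest of `data` equals the report's value.

    A SHA-256 or SHA-512 match identifies the sample; an MD5-only match is
    weaker evidence because MD5 collisions are practical to construct.
    """
    digests = compute_digests(data)
    return [name for name, expected in SAMPLE_HASHES.items() if digests[name] == expected]


def scan_netlog(lines: List[str]) -> List[Tuple[str, str]]:
    """Return (line, confidence) for every line that reaches the C2 host.

    'high'   = exact ip:port from the extracted config.
    'medium' = same IP on a different port; RedLine operators re-use hosts and
               rotate ports, so the host is still worth triage.
    """
    c2_ip = C2.split(":")[0]
    hits: List[Tuple[str, str]] = []
    for line in lines:
        m = DST_RE.search(line)
        if not m:
            continue
        dst = m.group("dst")
        if dst == C2:
            hits.append((line, "high"))
        elif dst.split(":")[0] == c2_ip:
            hits.append((line, "medium"))
    return hits


if __name__ == "__main__":
    # Compare a file on disk with the report (path is a placeholder).
    import sys

    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            print("hash matches:", hash_match(fh.read()))
    for line, confidence in scan_netlog(SAMPLE_LOG):
        print(f"[{confidence}] {line}")
```

Run it with a file path to compare that file against the report's hashes; with no arguments it just scans the constructed log and reports the two lines that touch 209.54.104.19. The near-miss line for 209.54.104.190 is deliberately included because naive `"209.54.104.19" in line` checks match it.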

Targets

    • Target

      73c6c588e1e97b13b7ba6f4c922c2d76

    • Size

      316KB

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites the register state of a thread, normally one created suspended. Outside debuggers, legitimate software rarely calls it; in malware it is the usual tell for process hollowing or another code-injection step, where a payload is written into a victim process and its thread is pointed at the injected code before being resumed.
