Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    c106958e5fba3a3eb8c94656bc6dedf6

  • Size

    105KB

  • Sample

    240311-tnza4sbb68

  • MD5

    c106958e5fba3a3eb8c94656bc6dedf6

  • SHA1

    3df0b7c54244cb167707a2a9825e2e28699d272f

  • SHA256

    b2c5577e8c882eee0be28cb16350b7aa48c3052d410d421da4a9620a8c86807d

  • SHA512

    2597a9a8b0cf97780279a8627fa6e862f0cf974ff31c8a9f9a0b58f1bb6d845891e24075e1d76c527a11b9dae2eda7c61d90b29af2580ee01ede723e60b885c0

  • SSDEEP

    1536:wo6aGr2CT0jE68c30H6lsf+oRxv7zauiw2eLgbue7vtuvNyAsd3letx5REnG6WAD:wdxiCT0+aWVe5DeM3tulydd4NW9apU3

Malware Config

Extracted

Family

redline

Botnet

FIRST_7.5k

C2

45.14.49.200:27625

Targets

    • Target

      c106958e5fba3a3eb8c94656bc6dedf6

    • Size

      105KB

    • MD5

      c106958e5fba3a3eb8c94656bc6dedf6

    • SHA1

      3df0b7c54244cb167707a2a9825e2e28699d272f

    • SHA256

      b2c5577e8c882eee0be28cb16350b7aa48c3052d410d421da4a9620a8c86807d

    • SHA512

      2597a9a8b0cf97780279a8627fa6e862f0cf974ff31c8a9f9a0b58f1bb6d845891e24075e1d76c527a11b9dae2eda7c61d90b29af2580ee01ede723e60b885c0

    • SSDEEP

      1536:wo6aGr2CT0jE68c30H6lsf+oRxv7zauiw2eLgbue7vtuvNyAsd3letx5REnG6WAD:wdxiCT0+aWVe5DeM3tulydd4NW9apU3

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

MITRE ATT&CK Matrix

Tasks