General

  • Target

    41ccae281672141f14028e730c70b618_JaffaCakes118

  • Size

    347KB

  • Sample

    240713-qc7xbstgqa

  • MD5

    41ccae281672141f14028e730c70b618

  • SHA1

    02de56652fa90ab1304c4b22f394ba9d5e132dfd

  • SHA256

    0e09d3298aae4a2a440ae32321a8f6db607e9cb072156b17eb8fb12b212c1cf6

  • SHA512

    e59a4a14c27365fad90b08feaca57c825f4c6c74b0f551ab0fc652b366d78a26672f85ef37f25249c8d92fe4163773a19eb494ca27cf54fc2d0c704dcfdc95c4

  • SSDEEP

    6144:TYI1JWCrhhzlv6flnULzYRY124mrt/S8kCRyYb0Kn4a8:pJ/F116flKzM62445b4Gn4

Malware Config

Extracted

  • Family

    redline

  • Botnet

    20.02

  • C2

    nnanch.xyz:80

    veamennia.xyz:80

Targets

    • Target

      41ccae281672141f14028e730c70b618_JaffaCakes118

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload
