General
Target: cff8b3ec4f738a35ce344f37ef7fad2e_JaffaCakes118
Size: 427KB
Sample: 240906-t2k1mswfrr
MD5: cff8b3ec4f738a35ce344f37ef7fad2e
SHA1: e6bd276f3357f448aae5f8e7ffaa3e224878c521
SHA256: a9da6842a63ccf687356ae2edf7719e8179bba25c7e8b768073f9ed53b44ef0d
SHA512: 181937409b7606f7488225ce2820969d7805c514609e39f304e4339a03bc65dfc9e18b9dc794901cf6949d5c33e9fce516426a389f4dd441c44c83ea262fdf60
SSDEEP: 6144:TReYcuJPlpLr94w6vTZ2oyfmi+/ZAOLofMOtQjW1qDjTTpOzglh3ZnY1Yif:TgYcuJPlpLx4Dp/ZlGtQjWE/TCE0Yi
Static task: static1
Behavioral task: behavioral1
  Sample: cff8b3ec4f738a35ce344f37ef7fad2e_JaffaCakes118.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: cff8b3ec4f738a35ce344f37ef7fad2e_JaffaCakes118.exe
  Resource: win10v2004-20240802-en
Malware Config
Extracted
redline
@bebrik12333
193.32.164.63:3172
Targets
Target: cff8b3ec4f738a35ce344f37ef7fad2e_JaffaCakes118
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
RedLine payload
SectopRAT payload
Suspicious use of SetThreadContext