General

  • Target

    JaffaCakes118_a2a74c62152013e3b87bd91f43e2c83f

  • Size

    971KB

  • Sample

    250105-n74gaawjgp

  • MD5

    a2a74c62152013e3b87bd91f43e2c83f

  • SHA1

    d7e2bf61f05ed655f3fee6b461662e9dd50046ff

  • SHA256

    3de544c4b9ea2f60513b30d75580b0700cb3bbe37bee410bbfd1a92330fb76b2

  • SHA512

    48df104c774ee770c86bf2af545c88daa24980e213321ecfcfd77190b136913601e46bedf64a60de14728c507d7ce585a3f982915d584174ed12383c73099d34

  • SSDEEP

    12288:kjgSKclWABuuXUBOVoEFx3O5ZK29PbTy++VWihlxqRe8pFzvB+I/xDN5wd3pDyu0:cKqBRKEaFFBbh

Malware Config

Extracted

Family

redline

C2

141.94.188.138:46419

Attributes
  • auth_value

    3f48b95855158031ae9e7dafcb203009

Targets

    • Target

      JaffaCakes118_a2a74c62152013e3b87bd91f43e2c83f

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Sectoprat family
