General

  • Target

    JaffaCakes118_a720f6ecfb06d2183519d8219c5073d3

  • Size

    364KB

  • Sample

    250108-xx7wdszkdt

  • MD5

    a720f6ecfb06d2183519d8219c5073d3

  • SHA1

    5b55ee7fb652d8b54a4a58a61d57ab98e567c26a

  • SHA256

    e1df518976051c0374de272a35d22856b0bbf3905717af72d7d0a5633a2c9f1f

  • SHA512

    f4aa284ed391263cb486cab3a40b2391c26112acb020f49e6a5e49814c4bc527fcf8be4e15d53571848061f0742c91d8b8215481ddb1bf70cd307f30080f50e4

  • SSDEEP

    6144:75tCeX9DGzsob/lerk4StzUm3ti+Rae2bd23IADG8el:75geX5qBldni+Od23xD

Malware Config

Extracted

Family

redline

Botnet

paladin

C2

188.68.201.6:10085

Attributes

  • auth_value

    f27db372188045eefdf974196ead3dae

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Sectoprat family
