General

  • Target

    JaffaCakes118_c51c6e7ea7a29a16e44d275bcdf72656

  • Size

    971KB

  • Sample

    250109-lv8t5aymfm

  • MD5

    c51c6e7ea7a29a16e44d275bcdf72656

  • SHA1

    2fb15b2da024c217f08b2821a0dfdb2bcb4551a6

  • SHA256

    3f4eed884029b6f6bf25c70b72f54fdd5f36651f3d52871fe13a96bd0858e5c8

  • SHA512

    9f25c6502fc4c931ca820ce7e7a09174cdb641d7041fa5746cf3148cd48941134749ab8802eb6c6dd5cb5b8865d2c4512615c97177aa932e86b4966d9782e359

  • SSDEEP

    12288:zjgSKclWABwzDv4HpADNs/mxXhNs70ysTC4x9BKu88O55wd3pDyuWOd1LfsSM+9S:pKqBeUmjBQV

Malware Config

Extracted

Family

redline

C2

141.94.188.138:46419

Attributes
  • auth_value

    3f48b95855158031ae9e7dafcb203009

Targets

    • Target

      JaffaCakes118_c51c6e7ea7a29a16e44d275bcdf72656

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Sectoprat family
