General

  • Target

    JaffaCakes118_f8b50e634b0ce5e325606915748cda22

  • Size

    406KB

  • Sample

    250111-ghwxksxkhz

  • MD5

    f8b50e634b0ce5e325606915748cda22

  • SHA1

    15f4765907e9a36949db7e08161c64b5656d97ad

  • SHA256

    d89c4c5aa03a1862a4b9e2affcde9e86b1a36f639c8bb08031a73d292994edb6

  • SHA512

    eb9fb637d4d79e78fe4f336d9b6f005f98554ab87adec740385fb9cb9099ef79406cc45cf5e44dedcc0ca7971ce81693f8cb51d8ca6810e04363919e4b19ee66

  • SSDEEP

    12288:d/oGajKnUvrBJ8pV0R9rIdbaf6phjCm16L:dLUTH8IRZf6phi

Malware Config

Extracted

  • Family

    redline

  • Botnet

    UTS

  • C2

    45.9.20.182:52236

  • Attributes

    auth_value: a272f3a2850ec3dccdaed97234b7c40e

Targets

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • RedLine payload

    • Redline family

    • SectopRAT

      SectopRAT is a remote access trojan first seen in November 2019.

    • SectopRAT payload

    • Sectoprat family