Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
6ba23dde45052a3c6bc265c3b0a3da529ed08b7aa2532b0f2f723264bc8de208
-
Size
237KB
-
Sample
220919-a23qxahba9
-
MD5
bb1349a308133fd9e4c5abbbb3c9f916
-
SHA1
1c23d0291ce79a9e1947ff8b410ab851ce574f6b
-
SHA256
6ba23dde45052a3c6bc265c3b0a3da529ed08b7aa2532b0f2f723264bc8de208
-
SHA512
8c40320ec6cd128c9c7df8476489b08a244eb6afe283ea664d8de1171059799863d90d988a5fcaaf99491921d988bb0726bd63e2c73030d979f90533f0f02f91
-
SSDEEP
6144:zqY9SC2DqBRhVh8njm9VCwH+ep7Ld7G8nZDHpv:uYMusnjmLjbiqHv
Static task
static1
Behavioral task
behavioral1
Sample
6ba23dde45052a3c6bc265c3b0a3da529ed08b7aa2532b0f2f723264bc8de208.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
6ba23dde45052a3c6bc265c3b0a3da529ed08b7aa2532b0f2f723264bc8de208.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
xtremerat
xtrema.no-ip.org
Targets
-
-
Target
6ba23dde45052a3c6bc265c3b0a3da529ed08b7aa2532b0f2f723264bc8de208
-
Size
237KB
-
MD5
bb1349a308133fd9e4c5abbbb3c9f916
-
SHA1
1c23d0291ce79a9e1947ff8b410ab851ce574f6b
-
SHA256
6ba23dde45052a3c6bc265c3b0a3da529ed08b7aa2532b0f2f723264bc8de208
-
SHA512
8c40320ec6cd128c9c7df8476489b08a244eb6afe283ea664d8de1171059799863d90d988a5fcaaf99491921d988bb0726bd63e2c73030d979f90533f0f02f91
-
SSDEEP
6144:zqY9SC2DqBRhVh8njm9VCwH+ep7Ld7G8nZDHpv:uYMusnjmLjbiqHv
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Suspicious use of SetThreadContext
-