General

  • Target

    4427b579ca5f236df5555b5a2081d4878bb87380f8454389be2ea7d93099df85

  • Size

    141KB

  • Sample

    221129-le461afd84

  • MD5

    fed012a067d88de8813c44b0ae3c2d5a

  • SHA1

    b8c874c10321058b3247850880329bfd294e4f91

  • SHA256

    4427b579ca5f236df5555b5a2081d4878bb87380f8454389be2ea7d93099df85

  • SHA512

    0eb878ea3030d126b80cc7429127bed6775853084a02db4c435e91253fc5e569ee14529e332778215a064add33d4d05aefee5d5fd0dbaf8250a4b0e880fe6d04

  • SSDEEP

    3072:RmVZ3bRZW2+dzaw0sMJttlUyFlI+e+RpOdKqWUuRj:aRDWB5A80I+svfuRj

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

    • Suspicious use of SetThreadContext
