General
Target: c6c4bc4f0b1823022d87d608e7f7f19e89d7737707b9e55d0c705fc455504bbe
Size: 800KB
Sample: 221204-j5svjsfb6x
MD5: da7a7f0674855d40b5f32749a3292151
SHA1: 492663f7c8f04c6678beec06797a39442182745e
SHA256: c6c4bc4f0b1823022d87d608e7f7f19e89d7737707b9e55d0c705fc455504bbe
SHA512: 4af5840283d8c90f5ce17035e3c3ef01d8889ed277eae96a39b76b5ea4750f68d0e50b6fda21cb12c92161ebcd775984f0c6766e9441bbcafded80e0793b7f23
SSDEEP: 3072:vRAR2BY1emF6DA00EiqtTG142maYmOEenOBnZn/d4BVFPMuaNOi/mE5g4Sj01xS4:xKQSR
Static task: static1
Behavioral task: behavioral1
Sample: c6c4bc4f0b1823022d87d608e7f7f19e89d7737707b9e55d0c705fc455504bbe.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: c6c4bc4f0b1823022d87d608e7f7f19e89d7737707b9e55d0c705fc455504bbe.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
xtremerat
zainee.no-ip.biz
Targets
Target
c6c4bc4f0b1823022d87d608e7f7f19e89d7737707b9e55d0c705fc455504bbe
Score: 10/10
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Suspicious use of SetThreadContext