Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
919b080c6200fbf05a741ec572f077b116d87849fa595d90daa6537e3f9cbaf3
-
Size
537KB
-
Sample
221205-pnm6madg3s
-
MD5
8c9baa45fb37a6c89cb9861dcc8d2f1f
-
SHA1
65342cfdd656011df268269cfa07f93d351bca00
-
SHA256
919b080c6200fbf05a741ec572f077b116d87849fa595d90daa6537e3f9cbaf3
-
SHA512
f76cfa6dab53abc804285780d52c4608a11b90461930ea03d11e2b3a58c89d67254f2b1e4f25adabc38156dab9aaaecc8298f8b2f9b4dddfa15fb5d8a0039f0b
-
SSDEEP
12288:UoS493ACIl7vI1kiqHNnyVek/a4QmHNX467p9KMSL8vbfcF3baixe/:UoIjIbgyLC495467zKMRzcVei4/
Static task
static1
Behavioral task
behavioral1
Sample
919b080c6200fbf05a741ec572f077b116d87849fa595d90daa6537e3f9cbaf3.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
919b080c6200fbf05a741ec572f077b116d87849fa595d90daa6537e3f9cbaf3.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
xtremerat
maradona.no-ip.org
Targets
-
-
Target
919b080c6200fbf05a741ec572f077b116d87849fa595d90daa6537e3f9cbaf3
-
Size
537KB
-
MD5
8c9baa45fb37a6c89cb9861dcc8d2f1f
-
SHA1
65342cfdd656011df268269cfa07f93d351bca00
-
SHA256
919b080c6200fbf05a741ec572f077b116d87849fa595d90daa6537e3f9cbaf3
-
SHA512
f76cfa6dab53abc804285780d52c4608a11b90461930ea03d11e2b3a58c89d67254f2b1e4f25adabc38156dab9aaaecc8298f8b2f9b4dddfa15fb5d8a0039f0b
-
SSDEEP
12288:UoS493ACIl7vI1kiqHNnyVek/a4QmHNX467p9KMSL8vbfcF3baixe/:UoIjIbgyLC495467zKMRzcVei4/
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Suspicious use of SetThreadContext
-