General
Target: 838a345bc007a981b97e9579b8ee78d7dfc5f717619fab47229efc5ffc5e7958
Size: 65KB
Sample: 221205-yk13raah44
MD5: e56933481e08daa34c129c24f9a4fc81
SHA1: 9f4c8f786bab70abd4463edfb66a4a4762e4285d
SHA256: 838a345bc007a981b97e9579b8ee78d7dfc5f717619fab47229efc5ffc5e7958
SHA512: 35b4bb49c4467525fc75abf5ecf389ecdea22ff72d7819c755ca54292630530fce52b0c6196bc4417620ec3653a3da836ffe67a975e72c17eed777edfd9e3480
SSDEEP: 1536:72WyRaJJ62M6hwYvckT7aNxhBs+BTf8o5Vomfu:7qOrPvPT70xhBs+9fvOmfu
Static task: static1
Behavioral task: behavioral1
Sample: 838a345bc007a981b97e9579b8ee78d7dfc5f717619fab47229efc5ffc5e7958.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 838a345bc007a981b97e9579b8ee78d7dfc5f717619fab47229efc5ffc5e7958.exe
Resource: win10v2004-20220901-en
Malware Config
Extracted
xtremerat
xstrema.no-ip.org
Targets
Score: 10/10
Detect XtremeRAT payload
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
Suspicious use of SetThreadContext