Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

dbfa0def80...72.exe

windows7-x64

10

dbfa0def80...72.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dbfa0def8076a9c0e39f1058f366a56f934c2028016526c5ece858e415b36e72

  • Size

    142KB

  • Sample

    221205-z1dg3abb7y

  • MD5

    6845b803b2578fa5c99a949d01beb6c5

  • SHA1

    161851a75ce733c18ae5cdb06086dbd04e9becc5

  • SHA256

    dbfa0def8076a9c0e39f1058f366a56f934c2028016526c5ece858e415b36e72

  • SHA512

    7956d4619f69f57a27023b0c1337926d28f887d8b5b3a3a3a9889281c4fda6041e4d0e6243ad4789f581b6a9ad29452bbbbb1a3526fb03492b3f838be65768c6

  • SSDEEP

    3072:f9SQEV2x7fY+4Nm9MK2Y/zauLgiWyyN998oD9cuJShH:MV2xzY+44NWu/kbpcfH

Score
10/10
xtremeratpersistenceratspyware

Malware Config

Targets

    • Target

      dbfa0def8076a9c0e39f1058f366a56f934c2028016526c5ece858e415b36e72

    • Size

      142KB

    • MD5

      6845b803b2578fa5c99a949d01beb6c5

    • SHA1

      161851a75ce733c18ae5cdb06086dbd04e9becc5

    • SHA256

      dbfa0def8076a9c0e39f1058f366a56f934c2028016526c5ece858e415b36e72

    • SHA512

      7956d4619f69f57a27023b0c1337926d28f887d8b5b3a3a3a9889281c4fda6041e4d0e6243ad4789f581b6a9ad29452bbbbb1a3526fb03492b3f838be65768c6

    • SSDEEP

      3072:f9SQEV2x7fY+4Nm9MK2Y/zauLgiWyyN998oD9cuJShH:MV2xzY+44NWu/kbpcfH

    Score
    10/10
    xtremeratpersistenceratspyware

    • Detect XtremeRAT payload

    • XtremeRAT

      The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.

      persistencespywareratxtremerat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks