Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8fbaf88258e1acee8e1c85cb1cd92386
-
Size
183KB
-
Sample
240204-vx6l8ahahk
-
MD5
8fbaf88258e1acee8e1c85cb1cd92386
-
SHA1
07375744c64ac222cb863088bb3897533ced6770
-
SHA256
4aa74c09b33e85f7de851c4caf58f9cbec4f1ac6fdd1ed231e66e0a3335dd840
-
SHA512
665a1e8cb3e9b2101aa6112ce46227aa0313978ddea5bad696d001bdcd70e9b0dc2c26c5a1894ca67b7e0ec16f6404ecc530cb84bc554194c3442940697efbe3
-
SSDEEP
3072:hBPe+2TmObY97TkP7r7QYz0vaRUU4I82pdwVP8KmDnYZUpyl+9R2uhYJ5jP:veTmOb0fC/WypdwVkK8nxxhe
Static task
static1
Behavioral task
behavioral1
Sample
8fbaf88258e1acee8e1c85cb1cd92386.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8fbaf88258e1acee8e1c85cb1cd92386.exe
Resource
win10v2004-20231222-en
Malware Config
Extracted
xtremerat
headnoip.zapto.org
Targets
-
-
Target
8fbaf88258e1acee8e1c85cb1cd92386
-
Size
183KB
-
MD5
8fbaf88258e1acee8e1c85cb1cd92386
-
SHA1
07375744c64ac222cb863088bb3897533ced6770
-
SHA256
4aa74c09b33e85f7de851c4caf58f9cbec4f1ac6fdd1ed231e66e0a3335dd840
-
SHA512
665a1e8cb3e9b2101aa6112ce46227aa0313978ddea5bad696d001bdcd70e9b0dc2c26c5a1894ca67b7e0ec16f6404ecc530cb84bc554194c3442940697efbe3
-
SSDEEP
3072:hBPe+2TmObY97TkP7r7QYz0vaRUU4I82pdwVP8KmDnYZUpyl+9R2uhYJ5jP:veTmOb0fC/WypdwVkK8nxxhe
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Suspicious use of SetThreadContext
-