General

  • Target

    3ed813685d098c623ac97a5a50265647_JaffaCakes118

  • Size

    44KB

  • Sample

    240513-lkxdcahe94

  • MD5

    3ed813685d098c623ac97a5a50265647

  • SHA1

    bd5384f421ffc4467dd650ce7c573bc09a6d13e3

  • SHA256

    d98beabf467016288f95803658ef9736a22cdbccf7a6e5cd07c2e8c188e424e4

  • SHA512

    a1754a5ce70fd917730781086c45eb48f47acbbc79fac2194db9e94689eef857dce397d3075e3d3be03b02439fe8ff973e0060c85474a8acbdadbc13f9a21163

  • SSDEEP

    768:BBr+tjFqTPkAlfztB1lr6an3smTA8uvm2MjCpPtzo6:nyRUHlrL1lr6an3TLuvm25Fo6

Malware Config

Extracted

Family

xtremerat

C2

mistero1986.no-ip.org

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Modifies Installed Components in the registry

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
