General

  • Target

    0ec2807c005fdce9c0baa6942433b5c7_JaffaCakes118

  • Size

    462KB

  • Sample

    240625-t1ahhstcqk

  • MD5

    0ec2807c005fdce9c0baa6942433b5c7

  • SHA1

    cd219241ae9d1f095193573f32243ddafc8574f2

  • SHA256

    6fbc881e531869268636e066de0cda514b2e5e0052b841ac5543f89f3c4616cc

  • SHA512

    04e339a2caa3d27ba140746cfb35fe547c5071b43f4f8d8260db4b952408527259e08adedb0caaa6d790c9b91178cd2c3cedaee37efb8d61773a8035acd86249

  • SSDEEP

    12288:3eDjSp7U52X6elDA8W8vPlu+VbxQlBz8JyrmUUQZpT5m:OE7UAq4A8WOPw+VbSvpr8QZa

Malware Config

Extracted

Family

xtremerat

C2

cacon.zapto.org

Targets

    • Target

      0ec2807c005fdce9c0baa6942433b5c7_JaffaCakes118

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
