General

  • Target

    482d7feec23342dffb94009e980435d0_JaffaCakes118

  • Size

    106KB

  • Sample

    240715-etr2naxekk

  • MD5

    482d7feec23342dffb94009e980435d0

  • SHA1

    f3efc41bfc1f28b8a62c32959a59c88a939ba18d

  • SHA256

    2f4d1c9096c9dc91f2b7ecdf238776148cfdaecc75c5ae3b5ee251d1d06ff23c

  • SHA512

    2877742ea88c25a2abc263dfc3ed121b5626e5e2b517f4c88b965c8412070ab2e5e88832365fe29c6cacc4d740872e9728ffe24ee2f909bd9286ca9f1f2af79f

  • SSDEEP

    1536:Ds6LA97tnPEjGsiHNVTqSrA060+tNJ4jtnWQHRnQxaMJnrAlwMNE9t:IhsiHNVGSF60+tNSWQHGcMJnrAlpNMt

Targets

    • Target

      482d7feec23342dffb94009e980435d0_JaffaCakes118

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Suspicious use of SetThreadContext
