Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
68efcf3a6c574a8def8b7df6ad0b7c38_JaffaCakes118
-
Size
89KB
-
Sample
240723-zzlr2s1hpd
-
MD5
68efcf3a6c574a8def8b7df6ad0b7c38
-
SHA1
7ce9b6f8b295db974020a34a1bcaf3738d8b3b0a
-
SHA256
499d0cec036abba82cd11c372db30a850133d23c3962244f9d77e16e3099915a
-
SHA512
a0b9d4fb32717f7d27c42c3a26841bc1e2837e9b1475ee49c3056267b1b817d6b005f08b0fbeaa2e74c88ce59699d8094fbef257bf11337726668f76f9f1e46b
-
SSDEEP
1536:OjUxUR3GM6hF+Ar+L01A5+yLml+weU71INBq8DzAUTGN:vUR3Z6hF+Ar+oUcIUONBFDzaN
Static task
static1
Behavioral task
behavioral1
Sample
68efcf3a6c574a8def8b7df6ad0b7c38_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
68efcf3a6c574a8def8b7df6ad0b7c38_JaffaCakes118.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
xtremerat
lepra.sytes.net
Targets
-
-
Target
68efcf3a6c574a8def8b7df6ad0b7c38_JaffaCakes118
-
Size
89KB
-
MD5
68efcf3a6c574a8def8b7df6ad0b7c38
-
SHA1
7ce9b6f8b295db974020a34a1bcaf3738d8b3b0a
-
SHA256
499d0cec036abba82cd11c372db30a850133d23c3962244f9d77e16e3099915a
-
SHA512
a0b9d4fb32717f7d27c42c3a26841bc1e2837e9b1475ee49c3056267b1b817d6b005f08b0fbeaa2e74c88ce59699d8094fbef257bf11337726668f76f9f1e46b
-
SSDEEP
1536:OjUxUR3GM6hF+Ar+L01A5+yLml+weU71INBq8DzAUTGN:vUR3Z6hF+Ar+oUcIUONBFDzaN
Score10/10-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Suspicious use of SetThreadContext
-