Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

3fababcd18...18.exe

windows7-x64

10

3fababcd18...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3fababcd18fd8a986676ea55cdc16d14_JaffaCakes118

  • Size

    45KB

  • MD5

    3fababcd18fd8a986676ea55cdc16d14

  • SHA1

    c8d0ae13d809e5fb75f518f286f86b1e81c5b40a

  • SHA256

    8adeeedad895d174c55f2d43c1985ff77fc533975cfde64f8dfd99782e4c4b9f

  • SHA512

    b1fa14423b6e67ffba96d8acb3b7b63f3cd4dc3b9665fa2e7ad07cdbb8a7cd92e2523e71786e78dc1f71a742d121c8330d76bc928efe80f4f60300813f57fc02

  • SSDEEP

    768:zu/6ZTgoiziWUUM9rmo2qrH0EKaqEYDPIGzjbJgX3VqA+iOI8yhVdBDZvx:zu/6ZTgle2CUMG3bGXlWiOIDVzdvx

Score
10/10
ratdefaultasyncrat

Malware Config

Extracted

Family

asyncrat

Version

0.5.7B

Botnet

Default

C2

andy1688.ddns.net:1604

Mutex

AsyncMutex_6SI8OkPnk

Attributes
  • delay

    3

  • install

    false

  • install_folder

    %AppData%

aes.plain

Signatures

  • Async RAT payload 1 IoCs
    rat
  • Asyncrat family
    asyncrat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3fababcd18fd8a986676ea55cdc16d14_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections