Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a7c3493de6970cd2c7f3fa099893459e_JaffaCakes118
-
Size
101KB
-
Sample
240818-w8avcs1cnk
-
MD5
a7c3493de6970cd2c7f3fa099893459e
-
SHA1
a8b0e309791b5b47b8dee083c7071625560379aa
-
SHA256
63bf4e48621084d50df9174f5c548168ebb3c26d91299d9e129c30b37b6a33b7
-
SHA512
26a2417ea4e2d022a1b96b6f30cebb1bc56bffb3a30bd3421b8dfcc14f95700f34e6b8b131e7868ddf16cc18111145ca6d47a6d4310dca03ee811eedc0b657b6
-
SSDEEP
1536:Ogh/Qk5xku/BTxnW069gE9nKzFre0FT98nvhVGqDjNldt8+xwIiuilPLzHPop3a4:7h/Qk5xku/BTQ00hVGYjNdliRLzw
Static task
static1
Behavioral task
behavioral1
Sample
a7c3493de6970cd2c7f3fa099893459e_JaffaCakes118.exe
Resource
win7-20240729-en
Malware Config
Extracted
xtremerat
ketchup.no-ip.biz
Targets
-
-
Target
a7c3493de6970cd2c7f3fa099893459e_JaffaCakes118
-
Size
101KB
-
MD5
a7c3493de6970cd2c7f3fa099893459e
-
SHA1
a8b0e309791b5b47b8dee083c7071625560379aa
-
SHA256
63bf4e48621084d50df9174f5c548168ebb3c26d91299d9e129c30b37b6a33b7
-
SHA512
26a2417ea4e2d022a1b96b6f30cebb1bc56bffb3a30bd3421b8dfcc14f95700f34e6b8b131e7868ddf16cc18111145ca6d47a6d4310dca03ee811eedc0b657b6
-
SSDEEP
1536:Ogh/Qk5xku/BTxnW069gE9nKzFre0FT98nvhVGqDjNldt8+xwIiuilPLzHPop3a4:7h/Qk5xku/BTQ00hVGYjNdliRLzw
-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Suspicious use of SetThreadContext
-