General
-
Target
3f62ab7b6ee72afeead55185c04c4616_JaffaCakes118
-
Size
81KB
-
Sample
241013-mq8t1ascph
-
MD5
3f62ab7b6ee72afeead55185c04c4616
-
SHA1
df0c6e00a00578e1725273eea97f73d9de832b97
-
SHA256
af951baf282071dbaa566ed420ed6d7e23ac8c614fa154d6f0069d981c83fd3d
-
SHA512
a368aff28d3a24eac13a5e84887d5bea9e3209c93249473c478571a69874358310a21bb52644793c9d2d5b7b9866d1578211be58a833fd6867633e4c6e9c3da6
-
SSDEEP
1536:WG2EnTramCVTJ10e9yhVu6LnuO+riYw7ePFy2y75AMH:WynvBCVTJ10ey0EKz4ztJH
Static task
static1
Behavioral task
behavioral1
Sample
3f62ab7b6ee72afeead55185c04c4616_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Extracted
xtremerat
ianouar25.zapto.org
Targets
-
-
Target
3f62ab7b6ee72afeead55185c04c4616_JaffaCakes118
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Suspicious use of SetThreadContext
-