General

  • Target

    436f52d2b849cb1c7c817906f9a10afb_JaffaCakes118

  • Size

    65KB

  • Sample

    241014-wehccaxglc

  • MD5

    436f52d2b849cb1c7c817906f9a10afb

  • SHA1

    964957090043350ee563728dd2e66e4f420042ce

  • SHA256

    7c2d3e0031133aeaa7e61f80c8d4a5f4dcfaca877bf84a1fba9ac0f098a41421

  • SHA512

    109a06995e49ded56e70d0996f50382f9712a6513e3b3ff1caa60f0d1d819acc577d4d16bcd4052f84ce0758dc65481de521921aa6347000292194c73a6c09d5

  • SSDEEP

    768:i8m1Sq4NQErBsH1tzoisBKQI6dObAG/dq8uW29Ifnca/yyR+P2ujfGiZKPA+7Xos:Qsq+QV4rObAdXWpf/y+7ozNwi4oef5

Malware Config

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks