General

  • Target

    4d5b5be16116810e8826b4c32557816b_JaffaCakes118

  • Size

    187KB

  • Sample

    241016-rwce7syblq

  • MD5

    4d5b5be16116810e8826b4c32557816b

  • SHA1

    3f7639ec5a04b38b1441153f336ec0a2ab393d01

  • SHA256

    cd69a70ecbaf87a2a4d46885d6601ac92202d22169ee4d6c2d6b4d58faf6edca

  • SHA512

    80bc1e308b60742d43667b017ba01d8a9845798feb30d352ad09cf3e90455cb927ba08ef35bd8595806845eca335e2d7db355c95dc74382cd8ad38d32b3a6e30

  • SSDEEP

    3072:LaDNI+FjNTjuO8zYkS6P+pmjVItNz/jO71r06JvJiPn29D+55HSk99XJcTphigTP:g2MjNWspjNHSkRF7jmi3a

Targets

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.
