Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4d5b5be16116810e8826b4c32557816b_JaffaCakes118
-
Size
187KB
-
Sample
241016-rwce7syblq
-
MD5
4d5b5be16116810e8826b4c32557816b
-
SHA1
3f7639ec5a04b38b1441153f336ec0a2ab393d01
-
SHA256
cd69a70ecbaf87a2a4d46885d6601ac92202d22169ee4d6c2d6b4d58faf6edca
-
SHA512
80bc1e308b60742d43667b017ba01d8a9845798feb30d352ad09cf3e90455cb927ba08ef35bd8595806845eca335e2d7db355c95dc74382cd8ad38d32b3a6e30
-
SSDEEP
3072:LaDNI+FjNTjuO8zYkS6P+pmjVItNz/jO71r06JvJiPn29D+55HSk99XJcTphigTP:g2MjNWspjNHSkRF7jmi3a
Static task
static1
Behavioral task
behavioral1
Sample
4d5b5be16116810e8826b4c32557816b_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
4d5b5be16116810e8826b4c32557816b_JaffaCakes118
-
Size
187KB
-
MD5
4d5b5be16116810e8826b4c32557816b
-
SHA1
3f7639ec5a04b38b1441153f336ec0a2ab393d01
-
SHA256
cd69a70ecbaf87a2a4d46885d6601ac92202d22169ee4d6c2d6b4d58faf6edca
-
SHA512
80bc1e308b60742d43667b017ba01d8a9845798feb30d352ad09cf3e90455cb927ba08ef35bd8595806845eca335e2d7db355c95dc74382cd8ad38d32b3a6e30
-
SSDEEP
3072:LaDNI+FjNTjuO8zYkS6P+pmjVItNz/jO71r06JvJiPn29D+55HSk99XJcTphigTP:g2MjNWspjNHSkRF7jmi3a
-
Detect XtremeRAT payload
-
XtremeRAT
The XtremeRAT was developed by xtremecoder and has been available since at least 2010, and written in Delphi.
-
Suspicious use of SetThreadContext
-