General
-
Target
f649d629b1ff37e96a2a4c577e45d46f_JaffaCakes118
-
Size
68KB
-
Sample
241215-3selyavlgn
-
MD5
f649d629b1ff37e96a2a4c577e45d46f
-
SHA1
5eb0909d2d1e0a757db0d6e17cac81cd7e9ecf60
-
SHA256
3364476f3c84f4db553e7c63264222d560e35375c35e6a42b08a8b9166e16a87
-
SHA512
9f4ecd89a4f79ad69d17ff2316208ce77c802c451fc4827686a39b3dee93f38435a2b98dc9d2c3a8fed21e8e750408204d931a2c8a477f33f38dd6ef94614c2a
-
SSDEEP
1536:hKMTA+8EZIydsU9Zr42nmqOPA2Z4r/ozJNgiGMshK3:hK+IYH4jqOPLGevgVMss3
Static task
static1
Behavioral task
behavioral1
Sample
f649d629b1ff37e96a2a4c577e45d46f_JaffaCakes118.exe
Resource
win7-20240903-en
Malware Config
Extracted
xtremerat
altagoor.no-ip.biz
Targets
-
-
Target
f649d629b1ff37e96a2a4c577e45d46f_JaffaCakes118
-
Detect XtremeRAT payload
-
XtremeRAT
XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.
-
Xtremerat family
-
Suspicious use of SetThreadContext
-