Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

john.exe

windows7-x64

10

john.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_ccbe9e305f5ba3d97682fe5ebd634799f9d84004b5781d16a9e65fdd60020394

  • Size

    460KB

  • Sample

    241229-ppdcta1qfj

  • MD5

    1cda719751579ed754a0191f5210c446

  • SHA1

    5e569c63216b340f9cda352869ac20460d4faf18

  • SHA256

    ccbe9e305f5ba3d97682fe5ebd634799f9d84004b5781d16a9e65fdd60020394

  • SHA512

    18a89cdc96d31272e00bc93f9153fdf010f94343fc29150329eea04ae63dbb2e38e213d8ab635ccbe2c87f224b0e6217bfac34d34388679cb09d5d9391ca389c

  • SSDEEP

    12288:QYQboZXnk78GgXCL51RHWZMk7Nxix3E4Xv:HQb23CgyLNWV7NU04f

Score
10/10
xloaderp980discoveryloaderrat

Malware Config

Extracted

Family

xloader

Version

2.1

Campaign

p980

Decoy

iwantgoddessevelyn.com

attorneysiraq.com

stfairytale-gakuin.site

mybazaartrip.com

alexjrtransport.com

present-sense.store

bigbucks4you.com

westernwings.info

qrs4u.com

knightsbridgehouse.com

fanamfoods.com

ediblesareincredible.com

revinedbypao.com

psychsolutionsofdurham.com

xn--mykyr-kra.com

sweettreatsepiceats.com

quarnetta.com

femaletopic.com

rockstoneofblue.com

btbaidu.com

Targets

    • Target

      john.bin

    • Size

      501KB

    • MD5

      f5dae2c70407ffa5383fd9fe6442e681

    • SHA1

      b6d90585000081f040f415ec33199e485888dd1c

    • SHA256

      d88a92e9507b6a45dad8c21cdae0abe7a6a97c3f4b8e2d692267a967317e26cd

    • SHA512

      a69a23de5abc7518098a3ad9be8606cb3ce2f45fb8506e019156c1ed5c9d3cbfac3adbba520921f08ff5ae3879f610649b74c297417024bb6632ab6f5e76e405

    • SSDEEP

      12288:0ZaxyU/MCq+2YNinizhdwKMJr5fkR8ZGA7gBQWTHMMs4nEmrAQH:0ZIL/V52Oish+KMJVfkR8/1M/nFH

    Score
    10/10
    xloaderp980discoveryloaderrat

    • Xloader

      Xloader is a rebranded version of Formbook malware.

      loaderxloader

    • Xloader family

      xloader

    • Xloader payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.