General

  • Target

    JaffaCakes118_274b2285d73409e280ddf70f330e3f0d

  • Size

    238KB

  • Sample

    250125-cj863s1pbk

  • MD5

    274b2285d73409e280ddf70f330e3f0d

  • SHA1

    98140f542775f6c73b795713d7fe1b5828b15a53

  • SHA256

    c9d47aa23f51f27f51082ccaabb34093da7832945f587d0b32a53e21d9a2824d

  • SHA512

    5bda5ddfb6f76dc60fff4c3049f8102c20e2cafc6992de4b40ba6d75c474a37b395db353e5c50d57c1520e84481bdd5bd1351c74abca7bfe2c21ced62007816a

  • SSDEEP

    6144:mOHhnV9TaWanVx7B0zEhcaFpvBw1nHAUlLMvUJEWinnfMa+9a:mO9Tahnb7BDMp6MuWif2a

Malware Config

Extracted

Family

xtremerat

C2

psycho-mantis.no-ip.org

Targets

    • Target

      JaffaCakes118_274b2285d73409e280ddf70f330e3f0d

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Xtremerat family

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified version of it.

MITRE ATT&CK Enterprise v15

Tasks