General

  • Target

    JaffaCakes118_2ada9bc30cae2fcaf9f8a816265616cf

  • Size

    278KB

  • Sample

    250125-mvkyqs1kgq

  • MD5

    2ada9bc30cae2fcaf9f8a816265616cf

  • SHA1

    34e62bff42242a7863c444786fa1774ab8f58bbf

  • SHA256

    6c5e5bf4128285e6da84852003dc125bbf36a67d42dfaf55ccd3658de4b87c4b

  • SHA512

    15e20fed31de6171e4f0f64ab2b90fbf598d0d6a4348c427fa0ddb3723f8f1c71c3a6985fae0ffe492e767872c607ae07b643e04e2d36c0d1b9a33c7edc33741

  • SSDEEP

    1536:c+inrUPpUKv9w/MHweNh1ZqL3JemIxVzBP:3in4pUKvXLN2JVMh

Targets

    • Target

      JaffaCakes118_2ada9bc30cae2fcaf9f8a816265616cf

    • Detect XtremeRAT payload

    • XtremeRAT

      XtremeRAT was developed by xtremecoder, is written in Delphi, and has been available since at least 2010.

    • Xtremerat family

    • Suspicious use of SetThreadContext
