General

  • Target

    5a47c83afe361294f04dc2d1135a147f_JaffaCakes118

  • Size

    629KB

  • Sample

    240331-wps7laha26

  • MD5

    5a47c83afe361294f04dc2d1135a147f

  • SHA1

    0f6a703da0847040237fe866d0edfb2179f84d70

  • SHA256

    0ab967cedf8b0dad891484aea1f1319fdf6360803f68cf11dcd4cedc79f015a4

  • SHA512

    faad232f2410db410d11f380e42484d19e0b8b4bc803822f710f12513d17de8b2a5349d660df631cb36df6be0b5a07c6e9a95048b84cf3bb517f96c925ddf667

  • SSDEEP

    12288:mbqTtukI4DLk+N76BI7G+eDYYQgc6gID6ijVAm5vbZ82NHKLtO2:GmukI6Y+N7uDgl6gI9VAm5vzs

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

  • URLs

    exe.dropper

    http://18.195.143.183/7/7/IMG_0211678531077.exe

Targets

    • Target

      5a47c83afe361294f04dc2d1135a147f_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v15