General

  • Target

    9934f525e8ea1c8a4b24a3f2e4bc41fe_JaffaCakes118

  • Size

    629KB

  • Sample

    240402-2qxt3agb33

  • MD5

    9934f525e8ea1c8a4b24a3f2e4bc41fe

  • SHA1

    579e8c03eac407eb6cc268419d0cc39ea743a14e

  • SHA256

    a39fb6c88577cf1433d6c45a30ae8f9cd746431a81a8f0e883ebdeaf3479b220

  • SHA512

    cbb3131747ad5ceed607606ba39b3562d9c1d55c293c41491fb2a2d3c832be5bb75cce572d22cab8d541b2854932feee102377e4c57f5236008a159379d4a798

  • SSDEEP

    12288:zbqTtukI4DLk+N76BI7G+eDYYQgc6gID6ijVAm5vbZ82NHKLtO2:HmukI6Y+N7uDgl6gI9VAm5vzs

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

  • URLs

    exe.dropper

    http://18.195.143.183/7/7/BTL_01145120_160850IMG.exe

Targets

    • Target

      9934f525e8ea1c8a4b24a3f2e4bc41fe_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
