General

  • Target

    99d4e6823ca77891ffbdf29922bd1272_JaffaCakes118

  • Size

    629KB

  • Sample

    240402-3azjdsge6v

  • MD5

    99d4e6823ca77891ffbdf29922bd1272

  • SHA1

    1427cf992d01da50eb250b33303d3f8873b989a8

  • SHA256

    e469a3442dbede6e908755799fb367c6f7d729e46b3bc7cf67bca3fa28238ab4

  • SHA512

    28583cf69a39565fdc90e39bf91000c1a9db6dda2ee17c437a7d5644edefb0d2b3d88b591fb7c178333d04a8e9e02634f31a28db650c7d9d8889ca6e4716aa76

  • SSDEEP

    12288:ebqTtukI4DLk+N76BI7G+eDYYQgc6gID6ijVAm5vbZ82NHKLtO2:OmukI6Y+N7uDgl6gI9VAm5vzs

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://18.195.143.183/7/7/RQL_0506111780.exe

Targets

    • Target

      99d4e6823ca77891ffbdf29922bd1272_JaffaCakes118

    • Size

      629KB

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
