General

  • Target

    9d0be978f9e41f6f8d3acd8beafb7633_JaffaCakes118

  • Size

    168KB

  • Sample

    240403-cg84asda64

  • MD5

    9d0be978f9e41f6f8d3acd8beafb7633

  • SHA1

    4b82d4bf3f874f0e23219e568b251fd9c06a0517

  • SHA256

    cc79b6addef36d35bd0bf4f00516feb820da0eb89d1768d79c98bc82b136dcc2

  • SHA512

    b5e4d2b878b9da17d2c5e195e970472c038ad5c7b9880abd1545ff83ac678de4c705823c4a216e19180f396980fa5a3d7eacb38e15e8eef006e99e4c7fa1aa87

  • SSDEEP

    3072:lk3hOdsylKlgryzc4bNhZFGzE+cL2knA/KKWXQ3kl/GVMfliRx4J2iSAqsaHHIaJ:lk3hOdsylKlgryzc4bNhZF+E+W2knA/V

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • URLs (exe.dropper)

    http://3.64.251.139/v11/1/TDH_1366621005IMG.exe

Targets

    • Target

      9d0be978f9e41f6f8d3acd8beafb7633_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
