Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    e82dbcacafa13747998191fdc23796ef_JaffaCakes118

  • Size

    247KB

  • Sample

    240408-xnbrlacb7s

  • MD5

    e82dbcacafa13747998191fdc23796ef

  • SHA1

    4fa8c0f14c16faf7b8a97e55ad5dd49bb7181596

  • SHA256

    75b180072fbde634be99159839b49ccb2ca91ae37b79bb06a1c0f294fc3d341c

  • SHA512

    28fe94fbec6fdd24719115f56e28bfc54c768c8a50d3cb922e2383023595a1ffe356d733a7ee17d6ecba14887299bfe82a7ebc664261709d71105d42efb10cf4

  • SSDEEP

    6144:3Kpb8rGYrMPe3q7Q0XV5xtuEsi8/dgJ9jWvcZZdtjq15OD7IvOEPD0lgvS3enw7Y:q9jFrjmkD7IvLDK3vLvfn1+2a

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://rickcovell.net/BuQQdjLrrO19/li.html

xlm40.dropper

https://networktmg.com/ryrwQGN3wPpT/li.html

xlm40.dropper

https://thamilanda.co.in/fui6yOqX0Wyb/li.html

Targets

    • Target

      e82dbcacafa13747998191fdc23796ef_JaffaCakes118

    • Size

      247KB

    • MD5

      e82dbcacafa13747998191fdc23796ef

    • SHA1

      4fa8c0f14c16faf7b8a97e55ad5dd49bb7181596

    • SHA256

      75b180072fbde634be99159839b49ccb2ca91ae37b79bb06a1c0f294fc3d341c

    • SHA512

      28fe94fbec6fdd24719115f56e28bfc54c768c8a50d3cb922e2383023595a1ffe356d733a7ee17d6ecba14887299bfe82a7ebc664261709d71105d42efb10cf4

    • SSDEEP

      6144:3Kpb8rGYrMPe3q7Q0XV5xtuEsi8/dgJ9jWvcZZdtjq15OD7IvOEPD0lgvS3enw7Y:q9jFrjmkD7IvLDK3vLvfn1+2a

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

MITRE ATT&CK Enterprise v15

Tasks