General

  • Target

    0f425a4707b96550d100b3637d0bb6d0_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240503-av8nksae71

  • MD5

    0f425a4707b96550d100b3637d0bb6d0

  • SHA1

    313d5a06d35f018650fb4277aad532457022a666

  • SHA256

    91f488398d4aca958fa574fa99a1268851a4a242d81d7820aac25cec1f0eee62

  • SHA512

    42c39a4efb222cf538f80bb8da411fba2bf9cf150fb456803eca07d0e23017bf7f380dbd6673af9d29238ef19001f30096f6c138f8d6559893d3705246bb3a25

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5lCx7kvRWa4p1HzDgUUDh:NABa

Targets

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      PowerShell Invoke-WebRequest.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2
