General

  • Target

    16fb192508fa330cafdcfa5d1a23b0fb_JaffaCakes118

  • Size

    164KB

  • Sample

    240505-k691wsgf75

  • MD5

    16fb192508fa330cafdcfa5d1a23b0fb

  • SHA1

    7f38d60f95f0b7428374477921c0722674a80e0c

  • SHA256

    496ea95f7dd559363ca3b949aaaf3c4f291fe0c2fdb2eb85e8ec581df270e46b

  • SHA512

    9e824d9fdf38f8eec2c27b55a71a9490b469638c69e9a95661cf99a4977f652a1f0c029f4a13e7369d7d408854ac0cb5c27d2b9d427b6cd8928e27d69adabeae

  • SSDEEP

    1536:VAhXAhordi1Ir77zOH98Wj2gpngN+a9Zay9y0J6f264N+s:mrfrzOH98ipgLPJ6fQ+s

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs

Targets

    • Target

      16fb192508fa330cafdcfa5d1a23b0fb_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Drops file in System32 directory
