General

  • Target

    228c570fd2cd4cc6295cc1d395ba3765_JaffaCakes118

  • Size

    2.1MB

  • Sample

    240508-bkm5kaad91

  • MD5

    228c570fd2cd4cc6295cc1d395ba3765

  • SHA1

    2046c882a61ce16ca3e5c6eeb2805c215fa7349a

  • SHA256

    32330a0543d91d97e1f599dc49450aea23989c5f0d549ea30c5d903b1ca94a1c

  • SHA512

    95eac896dbc170b0295b2f895e09814eb881a9c5f2b99e5948b367ab787f40e29dde775ae3d707bd1fd5638383f15c534a1fae504b7e3e708c0fe9fb3eb3756d

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pXHafM42:NABx

Targets

    • Target

      228c570fd2cd4cc6295cc1d395ba3765_JaffaCakes118

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
