General

  • Target

    268104ac7fd244e33b0d072e3aaf8c7f_JaffaCakes118

  • Size

    194KB

  • Sample

    240508-ytz7tada6t

  • MD5

    268104ac7fd244e33b0d072e3aaf8c7f

  • SHA1

    165cb836f16b05ebb35ff609e09721a9df871427

  • SHA256

    b91795826d1ceca51e57aeb1aa43ac0960c1aed23a0a8ea2949528f7a5938598

  • SHA512

    795ebe5b1ee0df803b4dfe356d51a8c1a571133f917e2864e4accb71dadcbaa0ee8e79dafb4fdf0c2bd980b6c3115bccf2e6ff5cc3d96fbcaf5ab7a4c51e4934

  • SSDEEP

    1536:DGGGGGGGGGG2xJLEt+LaaGGGGGGGGGGjLo9xilqfqdFTaFVT/EA8s9p8cjMfmVS9:+rfrzOH98ipgAd58cxs

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Drops file in System32 directory
