General

  • Target

    2c32fd77b49e9b461502bd7b962b3958_JaffaCakes118

  • Size

    448KB

  • Sample

    240509-3aa6sscf8y

  • MD5

    2c32fd77b49e9b461502bd7b962b3958

  • SHA1

    c1ac57ee5ff6d01ede7d6b23fd1b8521d01b77ec

  • SHA256

    2e3a530f6f30e32e7d982308747f0f9015c37e651939dc8e0982b38425e5cfa0

  • SHA512

    e3beb16e77667c3f6014ca180151c03699e0a609100abb53e5012a86588eb3f3029c9e4be48b24d9d2fc945f8e61d33fc66d218649f5e5f87b6120891f297287

  • SSDEEP

    12288:dER6Wq4aaE6KwyF5L0Y2D1PqLoHPvCMaD:dEnthEVaPqLIPs

Score
7/10

Malware Config

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.
