General

  • Target

    71cf8bbb7d0eada74b4aa426b3693689_JaffaCakes118

  • Size

    163KB

  • Sample

    240525-nm3n9afc59

  • MD5

    71cf8bbb7d0eada74b4aa426b3693689

  • SHA1

    13ea6ca92ee7f14a2ea8c4a349743df603fe2ab7

  • SHA256

    35422a417432ffa66edca6cb55b6e7d98bca2c621014133e55beac2e9a02bf11

  • SHA512

    74712419421e04995768972ce4b3b3ec78b5b379b0c012b7a0719ab07cd698c8863885619a0cda63b709cfc05c6f90df508d275c0b15c14cfd8b3fc18433d44d

  • SSDEEP

    1536:glfrdi1Ir77zOH98Wj2gpngx+a99vM/+h+F3K:YrfrzOH98ipghvMy+F3K

Score
10/10

Malware Config

Extracted

  • Language

    ps1

  • Source

  • URLs

    exe.dropper    http://dheeranet.com/Pej/
    exe.dropper    http://playschoolmatritva.com/cgi-bin/Uh/
    exe.dropper    http://dikshadayal.com/cgi-bin/Zl78esq/
    exe.dropper    http://new.mylicense.ca/5aiibj/vS2/
    exe.dropper    http://nucleokardecistalace.org.br/wp-includes/HviA/
    exe.dropper    http://britanniacricketleague.com/wp-admin/3qc8lQB/
    exe.dropper    https://www.hhbiao.com/ro/4Kh/

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks