General

  • Target

    7c71eaf7075fb4f2341c6e96f62bdcd6_JaffaCakes118

  • Size

    79KB

  • Sample

    240528-k7rkyadf9x

  • MD5

    7c71eaf7075fb4f2341c6e96f62bdcd6

  • SHA1

    b0eea5f11255aa54de7b74222f8099332044cbd6

  • SHA256

    4a2173896009fd1430ee3eebb4ac1c05502aafe2f33b4950ccc459d94f17ad96

  • SHA512

    15ec8178c8848de4fddcc35169510dbe554247c4ad209ed22275035fc4cd3d394c9ed93d0eff62cee29f4b67e70bcc2582f98385356d59d0c036cf9d9275d79d

  • SSDEEP

    768:qZPoNtwCGc3IUpKqSazfmfgxk/ug7cjo:yo3PWqhzxkHn

Score
10/10

Malware Config

Extracted

Language
hta
Source
URLs
hta.dropper

https://%909123id%909123id%909123id%909123id%909123id%909123id%[email protected]/hjads6d78asdasdhajdzxcz

Targets

    • Target

      7c71eaf7075fb4f2341c6e96f62bdcd6_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.
