General

  • Target

    7c79dec80eab0c95c78ab3b2ccef3288_JaffaCakes118

  • Size

    162KB

  • Sample

    240528-levbssea51

  • MD5

    7c79dec80eab0c95c78ab3b2ccef3288

  • SHA1

    488b1456fd6b26623e454a4e8d30b456634d8208

  • SHA256

    81983dc7aafe553288da4cba600941f7d593f8956e9e828fe4d98b19d76627be

  • SHA512

    c6092c6f48b8ad2e2aeb005be442a9c99caba0a43091e74d6459c9eb26fa78e1bad07e7afda9d9ee21e6c675cbc0ce8531dbac03774c17b68274ea2b2d16c880

  • SSDEEP

    1536:8Ij9atFqpRIj9atFqpvrdi1Ir77zOH98Wj2gpngB+a9zJU3N7NSP9um:2rfrzOH98ipgxm7NSVZ

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs

Targets

    • Target

      7c79dec80eab0c95c78ab3b2ccef3288_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Drops file in System32 directory
