General

  • Target

    7d35c1380183a81281ce722d0b5bb22f_JaffaCakes118

  • Size

    243KB

  • Sample

    240528-q9wwbsgb8y

  • MD5

    7d35c1380183a81281ce722d0b5bb22f

  • SHA1

    35d47990c49015646f9be371f70deb3f79901b9e

  • SHA256

    afbed587663a091e9d854414f1b31bb9153040f7bf5c1684b483e23027a341f4

  • SHA512

    5078ee767f9173f981499f2927e662288713c98eb90d124238673345b4a6fd396477201aee4ac35a94be74fe7bb04c49e604d20aefdd21e2b8a13aff20d06cde

  • SSDEEP

    3072:XYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////D:Z0uXnWFchmmcI/o1/ijj

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs

Targets

    • Target

      7d35c1380183a81281ce722d0b5bb22f_JaffaCakes118

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Drops file in System32 directory
