General

  • Target

    87c178909c60f42c73b7bdf16363112b_JaffaCakes118

  • Size

    4.5MB

  • Sample

    240531-vzl1lafh63

  • MD5

    87c178909c60f42c73b7bdf16363112b

  • SHA1

    d3b814dd306b5bd180a5f7c2ec529ec2310eaf7e

  • SHA256

    409ae5318680c727dd3c22ccffb9be5ce959e1763360272e7357812c46c6591a

  • SHA512

    809f8f9c0c4dcc5a75b00efed6f37c46f64816d72472ab8b9138ec8cc6dd2cf28569c4fdcd0dff0f35bc65adef15e728e4d5f750516ee70d9bad434a02cd8948

  • SSDEEP

    98304:Vs2AhwkGMEOOgkOajllnEOUxjNRDBcFEyftigCgox:VVAWfOSlp9SDBWfMgCga

Score
10/10

Targets

    • Target

      87c178909c60f42c73b7bdf16363112b_JaffaCakes118

    • RMS

      Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
