General

  • Target

    9d7cb858c95dc395c70d35c16ca21251_JaffaCakes118

  • Size

    89KB

  • Sample

    240611-jsa4zazfqn

  • MD5

    9d7cb858c95dc395c70d35c16ca21251

  • SHA1

    106036d522d5f722ae5508d358b5e918558e7511

  • SHA256

    29390b9ee891dbeac9519a65a1eaf199a398a502076599e5ced5c7856f1574a7

  • SHA512

    06fe9cfc1b1e476f0d458f0bb0a7b9d11bf08b5b41d8798feb9e16c8863f6eb4464c3028f50afff19281d22e46b47e715e5183cc9c15b936a7c0bcaa830247c6

  • SSDEEP

    1536:JptJlmrJpmxlRw99NBO+aAXIrlnKchqXN076KC0It4oC:3te2dw99fZ2vR1It4

Score
10/10

Malware Config

Extracted

  • Language

    ps1 (Deobfuscated)

  • URLs (each tagged exe.dropper)

    http://aliu-rdc.org/QwWKYJxM

    http://2idiotsandnobusinessplan.com/wC7

    http://7naturalessences.com/DFaSvtrS

    http://benimdunyamkres.com/v0vig1G1

    http://hostmktar.com/mP

Targets

    • Target

      9d7cb858c95dc395c70d35c16ca21251_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • An obfuscated cmd.exe command-line is typically used to evade detection.
