General

  • Target: 182b7347e28751aa245a7de82f4a5e1a_JaffaCakes118
  • Size: 34KB
  • Sample: 240628-a5f2bathkl
  • MD5: 182b7347e28751aa245a7de82f4a5e1a
  • SHA1: 131c7e07c8a87d324889a9ab2a7e1c7e0c3f692f
  • SHA256: bc62957a71a530bf700489c5c796645782b43d02ea164784b9623759e3f9757f
  • SHA512: 9830b7f90afd2c01538c4769a193adee9d8ea0d18737c9addf7ff019f690d0ca2474bebb45aadacb5c1b608910a928ed26f6f709e06838cf100db7a2956dcb41
  • SSDEEP: 768:cflivXrVKpVhKvtxwYHwVFoeAQWmucwUd:ylqrVKprVuQWY

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol: ftp
  • Host: ftp.tripod.com
  • Port: 21
  • Username: onthelinux
  • Password: 741852abc

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15