General

  • Target

    19b5bbd4478a50df5b886c7c9168ec59_JaffaCakes118

  • Size

    116KB

  • Sample

    240628-lzbp7awdmn

  • MD5

    19b5bbd4478a50df5b886c7c9168ec59

  • SHA1

    9c84634a5685ebe2f75b2b3eecffc7c2748bd621

  • SHA256

    7a89a04ff27d6fe5e0d9249feee09c24989b074aa75e5563f755a7a279c62e5e

  • SHA512

    637d9a59ef4ce4145ac1ebc6c5bcfcf202b8c20d9a55c90ea4add7cd9f57832f9859201b1d1716138877c2e42d00b5c1413212cc0ac61c92273c036325e18539

  • SSDEEP

    3072:ZTk3hbdlylKsgqopeJBWhZFGkE+cL2NdAoioo1gaSNAPZlsWFPO7YiR6PJEcjjas:Fk3hbdlylKsgqopeJBWhZFVE+W2NdAos

Score
10/10

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

https://bit.ly/3djeHvo

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request
