General

  • Target

    49c7bdd3b15d7b584afc1f192527ee33_JaffaCakes118

  • Size

    384KB

  • Sample

    240715-pngc3stenh

  • MD5

    49c7bdd3b15d7b584afc1f192527ee33

  • SHA1

    9a1b0d6aa440c48d8be1442581909d3fae1b9df2

  • SHA256

    1bf9a9e70d7cfce3bb640ab3bc0f1433e95a907e3e8081e54584604b7146b57c

  • SHA512

    535d44b059e3ccc83cf11e33f846d25eb721cf3b3f61e88d31126184d7de14a15b1bae47f8a4768a4d5536975f34095ac66bd6253fc4dda850421800476e49d3

  • SSDEEP

    12288:KPdK4bgeK8VL5TKjb31wgxllhz7G60i2qvyOS:KPBjK8VlYb3P9Fu

Targets

    • Target

      49c7bdd3b15d7b584afc1f192527ee33_JaffaCakes118

    • Gh0st RAT payload

    • Gh0strat

      Gh0st RAT is a remote access tool (RAT) whose source code is public; it has been used by multiple Chinese groups.

    • Executes dropped EXE

    • Adds Run key to start application
