General

  • Target

    60084e015cce578bcf6175d3af73bce1_JaffaCakes118

  • Size

    34KB

  • Sample

    240720-l3bvcsxbrq

  • MD5

    60084e015cce578bcf6175d3af73bce1

  • SHA1

    d9619d52bc824fdba539fb54fa8e9e68df0b4cdc

  • SHA256

    16e39597e6c12031c4dd92c94dbfd8ee915c815159882f6a849eb3ef96a13d22

  • SHA512

    a7db800cb550237ab57e281d784b3006decff8225de239a9287e838f7e2ef74673ae478c6274f679ec31bf4f98c66396e5b08323799b4e929d5735ac4ff6b9f0

  • SSDEEP

    768:cflivXrVKpVhKvtxwYHwVFoeAQumucwUQj:ylqrVKprVuQuxj

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    onthelinux
  • Password:
    741852abc

Targets

    • Target

      60084e015cce578bcf6175d3af73bce1_JaffaCakes118

    Score
    10/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
