General

  • Target

    66ec18b3057f48556df904b9ce17fba8_JaffaCakes118

  • Size

    118KB

  • Sample

    240723-kxf2fsxfkd

  • MD5

    66ec18b3057f48556df904b9ce17fba8

  • SHA1

    b333af179280043650e203c57272472480f7e8ec

  • SHA256

    8106749b0c6e58b66bc291fb01fdfca0e4da0e2e9c0cc27968b58fad04954a8a

  • SHA512

    c214ac1e1ec4001ffb807d982ab8237f2b0515e31eab345e6e6cb8de0816670ec90065f79d9d31db994eb27baecbfc5c07a6f4019dc191aa27459ec006816b27

  • SSDEEP

    768:szQYScGrIubHuYtvdxwYHw5FAe2QOncwx8:OQTIubHy5wQOg

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    onthelinux
  • Password:
    741852abc

Targets

    • Target

      66ec18b3057f48556df904b9ce17fba8_JaffaCakes118

    Score
    10/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
