General

  • Target

    7305adbd6e3b38e7f3e28184e3c1fff7_JaffaCakes118

  • Size

    6.2MB

  • Sample

    240726-hse79asgkl

  • MD5

    7305adbd6e3b38e7f3e28184e3c1fff7

  • SHA1

    b157c9fc3e35527de763517c6342f68cc6fc9644

  • SHA256

    8b8861086b8b8d7eb7f2fea813830381a584ea4ef7f84eab205858fd1aa9aea8

  • SHA512

    87f7305d705d711e3ee177b8381b08f1d955da3b9f66456bbd360a7d7cc0bb61eb55d9675375dceb7bfdceedf85ceed9630015d584818758644c96aeb8f411d8

  • SSDEEP

    12288:2deIrVZhvhIZD+Kn7VyKJRqxPdr9jL2+4u:0nvhk+k7Paxxl2+4u

Malware Config

Extracted

Family

latentbot

C2

spongebob23.zapto.org

Targets

    • Target

      7305adbd6e3b38e7f3e28184e3c1fff7_JaffaCakes118

    • LatentBot

      Modular trojan written in Delphi which has been in-the-wild since 2013.

    • Modifies firewall policy service

    • Suspicious use of SetThreadContext
