Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    0177e67dfee61f990472e22859b9caee_JaffaCakes118

  • Size

    182KB

  • Sample

    240727-2h8atsvgnb

  • MD5

    0177e67dfee61f990472e22859b9caee

  • SHA1

    a7b06f425a6d77af315de240f78073064cdd3d38

  • SHA256

    2dabd77f0095c4f8856142c94f41561f4484b8fe7ad0daa012bb98024f1b695a

  • SHA512

    997e87e05c0703fb8880429f2875ef99bff84a116e099dafa92cc2602850c686bdda28fb36a5eb92c701bf87ca40c96ea27a9dace3bbf7cf3facfc66a4dae727

  • SSDEEP

    768:r/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJMU60+ppQ1TTGfLTb:rRsvcdcQjosnvnZ6LQ1E3

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    griptoloji
  • Password:
    741852

Targets

    • Target

      0177e67dfee61f990472e22859b9caee_JaffaCakes118

    • Size

      182KB

    • MD5

      0177e67dfee61f990472e22859b9caee

    • SHA1

      a7b06f425a6d77af315de240f78073064cdd3d38

    • SHA256

      2dabd77f0095c4f8856142c94f41561f4484b8fe7ad0daa012bb98024f1b695a

    • SHA512

      997e87e05c0703fb8880429f2875ef99bff84a116e099dafa92cc2602850c686bdda28fb36a5eb92c701bf87ca40c96ea27a9dace3bbf7cf3facfc66a4dae727

    • SSDEEP

      768:r/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJMU60+ppQ1TTGfLTb:rRsvcdcQjosnvnZ6LQ1E3

    Score
    10/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks