Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
0a4e2f1f55fbe4544d342870d97e8a0d_JaffaCakes118
-
Size
977KB
-
Sample
240728-ftrasstajh
-
MD5
0a4e2f1f55fbe4544d342870d97e8a0d
-
SHA1
9476a9ecf64827fb91c14a816ccb76a3edd73f0a
-
SHA256
3bf0fadde2ebaf3830bb62dd95434adb1550813b81360a42145e95520e6fafdd
-
SHA512
03a9072bf786367e0fc3edf86bbeba38333f1c3e5be4db9943e438972aa0f271189fbbd71bb4016c3d6fd400ffd72ff26636ac77c6e5be00418c64a2894aa770
-
SSDEEP
24576:+MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsxt:7J5gEKNikf3hBfUiWxt
Malware Config
Targets
-
-
Target
0a4e2f1f55fbe4544d342870d97e8a0d_JaffaCakes118
-
Size
977KB
-
MD5
0a4e2f1f55fbe4544d342870d97e8a0d
-
SHA1
9476a9ecf64827fb91c14a816ccb76a3edd73f0a
-
SHA256
3bf0fadde2ebaf3830bb62dd95434adb1550813b81360a42145e95520e6fafdd
-
SHA512
03a9072bf786367e0fc3edf86bbeba38333f1c3e5be4db9943e438972aa0f271189fbbd71bb4016c3d6fd400ffd72ff26636ac77c6e5be00418c64a2894aa770
-
SSDEEP
24576:+MjPJ5g9KVGrdNikfu2hBfK8ilRty5olGJsxt:7J5gEKNikf3hBfUiWxt
Score10/10-
Ammyy Admin
Remote admin tool with various capabilities.
-
AmmyyAdmin payload
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-