General

  • Target

    9436dd2ce44f2311d7cf032852a831ab_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240813-wx88sayfrh

  • MD5

    9436dd2ce44f2311d7cf032852a831ab

  • SHA1

    a6c9c7a87d3c7c3848ee6707dca56544596799f3

  • SHA256

    8de3e8407e2ac685ef9a5d097e209276233ab23db8f5e74bad252b22b251e591

  • SHA512

    de8dc4c5d6a2b47bdaba985bbab2b653c860c73d7651cb65fdf669f970243c1f898d3314b5d27215ce3747ba072ecda792a9bfa6a1c7b397d2fa4514d40b7a11

  • SSDEEP

    12288:jjPG0Ond0VO5iICxcNVM82OKQhfAvhIcQjFDk/yXcrnvMftGowccQyYE33lEFUk0:LwJTwZAuTUlErCUkHNFpwzkvNY

Targets

    • Target

      9436dd2ce44f2311d7cf032852a831ab_JaffaCakes118

    • Darkcomet

      DarkComet is a remote access trojan (RAT) developed by Jean-Pierre Lesueur.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext
