General

  • Target

    ac70ad1ea3f351140fc79d7393d08d59_JaffaCakes118

  • Size

    108KB

  • Sample

    240819-y4qq5axhjr

  • MD5

    ac70ad1ea3f351140fc79d7393d08d59

  • SHA1

    dbf13a35162735c7c50df0094ec38420c309c1dd

  • SHA256

    cfd820c2026cae6661d785382d6d4f2ed9e5c4063e5aa5caf98eab710f188ba4

  • SHA512

    15acb64b8393c52f89260f86d92ef1978ab17ea6bf2c3b2845506c8cce0b18aac5393ac107a37c6dfa79cc2b64208fd1531fb6ddbe4a521879b43cbee91c6dd8

  • SSDEEP

    3072:LLjSeV2c+57XChqSlZE6kPFrgwUpJIJte4A:L6ec752lS6YL0ebex

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

Targets

    • Target

      ac70ad1ea3f351140fc79d7393d08d59_JaffaCakes118

    • Size

      108KB

    • MD5

      ac70ad1ea3f351140fc79d7393d08d59

    • SHA1

      dbf13a35162735c7c50df0094ec38420c309c1dd

    • SHA256

      cfd820c2026cae6661d785382d6d4f2ed9e5c4063e5aa5caf98eab710f188ba4

    • SHA512

      15acb64b8393c52f89260f86d92ef1978ab17ea6bf2c3b2845506c8cce0b18aac5393ac107a37c6dfa79cc2b64208fd1531fb6ddbe4a521879b43cbee91c6dd8

    • SSDEEP

      3072:LLjSeV2c+57XChqSlZE6kPFrgwUpJIJte4A:L6ec752lS6YL0ebex

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks