General

  • Target

    b798cac7d0969a6369cc0c8d2b3ea169_JaffaCakes118

  • Size

    136KB

  • Sample

    240822-pfsq5syhmp

  • MD5

    b798cac7d0969a6369cc0c8d2b3ea169

  • SHA1

    0ea8e3fe9dd9f9d3c2605288ad2fbec104555c7b

  • SHA256

    c50f512d6dc79915f3f73f0c951641fa1d7e521b62b38ef5fb54af77e2b15e66

  • SHA512

    a7aeec6e2d4fa8e5e9cbe8bf28b24c6d8f1f06e2bd21f9bc180683fec3655bfad485cbeeb2a1a514045a57d5079cadc0735524de00a1f28bc6b1c2b7a78b7061

  • SSDEEP

    768:j/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJMU60+ppQ1TTGfLB:jRsvcdcQjosnvnZ6LQ1EB

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    griptoloji
  • Password:
    741852

Targets

    • Target

      b798cac7d0969a6369cc0c8d2b3ea169_JaffaCakes118

    Score
    10/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
