General

  • Target

    b9cb5b440d5d408e27c4685f50c5aa17_JaffaCakes118

  • Size

    258KB

  • Sample

    240823-bmzalsxgla

  • MD5

    b9cb5b440d5d408e27c4685f50c5aa17

  • SHA1

    19a2a767171cb7c6609f150e8c86456fa2bba9ec

  • SHA256

    e3462d258f0247f1db6b618620f570208c9fafbfdf79aa51358ad140a4adbf84

  • SHA512

    472db388bebf745cc30f41196a81c2b6a93f6845ec6b07170515cff8d81a2e6007639bcf725b29698f96033738961b4ba70abf395fcf9c2d0dc57e0daf4edd3a

  • SSDEEP

    6144:Jk3hbdlylKsgqopeJBWhZFVE+W2NdANWIIrepCVs1jrRex1CbDR1exbn:0jepC0jFevaRspn

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://ochko123.net/xls_c.php

Targets

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
