General

  • Target

    be77ed73f92a82aebb8a7375522ae7ef_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240824-m926kaxbpa

  • MD5

    be77ed73f92a82aebb8a7375522ae7ef

  • SHA1

    5717106981ef5c2f2a79cdf6775355ed1271f004

  • SHA256

    1190030956e93adc590dd91237a8af743c6bb911923e2e0d199f3397aea8b9e3

  • SHA512

    2cab2a4631d2c02d58561721547e0404ef0f0d0210f6f7db9c0bb9885ff97347052bbafca78f99e48f6afc0f26bd94ae282e8a08d2528cecb3841d677ba8d2ac

  • SSDEEP

    98304:TDqPoBhz1aRxcSUb6SAEdhvxWa9P593R8yAVp2H:TDqPe1CxchZAEUadzR8yc4H

Targets

    • Target

      be77ed73f92a82aebb8a7375522ae7ef_JaffaCakes118

    • Wannacry

      WannaCry is a ransomware cryptoworm.

    • Contacts a large (3231) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Drops file in System32 directory
