General

  • Target

    c76fd15a1394fd5d0b18ab079a21a2d0_JaffaCakes118

  • Size

    34KB

  • Sample

    240828-xfyw6asdpn

  • MD5

    c76fd15a1394fd5d0b18ab079a21a2d0

  • SHA1

    f0f00cc5b1474452aa0a0285b97c1c4b179274d2

  • SHA256

    48fbea9afd9096bde569d8a2bad09779e04ddd7062e548be7f2bb45a18482d68

  • SHA512

    efd408c3094216deeb138c9c1c947dc76cf54acf2c509561eb2db09bc17be4885ad1b12022162fbcd1de85391270a2f9549da0ebeb20176261edc00f03fc350a

  • SSDEEP

    768:cflivXrVKpVhKvtxwYHwVFoeAQPmucwUU/b:ylqrVKprVuQPf

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    onthelinux
  • Password:
    741852abc

Targets

    • Target

      c76fd15a1394fd5d0b18ab079a21a2d0_JaffaCakes118

    Score
    10/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
