General

  • Target

    dd6f5a39c8ab79b607d5d11fb8efd955_JaffaCakes118

  • Size

    193KB

  • Sample

    240913-b6rpwaxhrh

  • MD5

    dd6f5a39c8ab79b607d5d11fb8efd955

  • SHA1

    da373d45e0cfca8f17891b60451e48f9792748c4

  • SHA256

    1312e631f80e724ea637d1b035eb3342f09a32208ab559bc85cd5820956a5755

  • SHA512

    c01475b798e8bd987c051c4b1089647575f03f7264dd25d9d5c9bbab7b8554ff6485c531e90f0fa7082ac3e3147c048d324a9e845774944439a3273d421591d4

  • SSDEEP

    1536:DGGGGGGGGGG2xJLEt+LaaGGGGGGGGGGjLo9xilqfqdFTaFVT/EA8s9p8cjMfmVSt:+rfrzOH98ipgFd58cgE

Score
10/10

Malware Config

Extracted

Language
ps1
Source
URLs

Targets

    • Target

      dd6f5a39c8ab79b607d5d11fb8efd955_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • Drops file in System32 directory
