General

  • Target

    f564011c2aaf582fc5e7e9c95d5b6b44_JaffaCakes118

  • Size

    49KB

  • Sample

    240925-g6chvasgpc

  • MD5

    f564011c2aaf582fc5e7e9c95d5b6b44

  • SHA1

    65d02f58a19d9e2a5fd7f3e8906ae0c1cb0e1dfe

  • SHA256

    83016b48397789f5215cffc5c1cc223846736ce2d795fb14bc1f3f7b87af0fa1

  • SHA512

    e9ef93ab63b8d1f3710e04513ce6bdfefd186f616d65d67e9d94a8b30b924a6c6c4dd1ba0f9e2cb57e65b52400cab071002f6387348195bfa7e23fb9a06ca013

  • SSDEEP

    1536:YTvX/7uDphYHceXVhca+fMHLtyeGxcl8/dgeD6yzsF6BCKG6GJ+QP:G/7uDphYHceXVhca+fMHLtyeGxcl8/do

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://matterandhome.com/twtao/222222.png

Targets

    • Target

      f564011c2aaf582fc5e7e9c95d5b6b44_JaffaCakes118

    Score
    10/10
    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
