General

  • Target: f96da0c275f7394cc04dbcc2734b97e6_JaffaCakes118
  • Size: 858KB
  • Sample: 240927-a76prazamg
  • MD5: f96da0c275f7394cc04dbcc2734b97e6
  • SHA1: 86a01457204e048e8635ca0da069ef8b08b4714f
  • SHA256: 8546c93bd3e6761b820a02c45cdff8a004faebf26e86d85511be73dc49ad8acc
  • SHA512: cea47af9424cb0391e040358d0e344325aac5dbc8f6f8eca37a8e20820bc0de80af54fc3ec7573ea8bf8171cb5a6eeb0744854bd1972ccacf7fabce4ff919ade
  • SSDEEP: 12288:TqW2gu/kCX5Bq8WDCmKBU7Xvl6uZQuDY0+eO:O7HkCXPq8WDmwXtRt9Z

Malware Config

Targets

    • Target: DK-P.O-CVEA 5787243156 (c)2020,pdf.exe
    • Size: 798KB
    • MD5: 6826edaad0e4967f7ada880147c1b16e
    • SHA1: f95a56e3703d11cb504498d2875a83967b09e261
    • SHA256: a7d93e9c9bb80f0f8a271ae4a101f305bac535e197697b35f291794fa83ef538
    • SHA512: 2fefa266393f8f891baa7d61879f51fbc0c25527adcb61254914d60dba0e47beede0571da664c71cabe6fee31f203793924f85573ffbb172345328a83fa21274
    • SSDEEP: 12288:eqW2gu/kCX5Bq8WDCmKBU7Xvl6uZQuDY0+eO:B7HkCXPq8WDmwXtRt9Z

    Signatures:

    • ModiLoader, DBatLoader
      ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
    • ModiLoader First Stage
    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks