General

  • Target

    fcd0876b1f82c246ff0d07f7e6a4e37d_JaffaCakes118

  • Size

    84KB

  • Sample

    240928-v8s59sxhjn

  • MD5

    fcd0876b1f82c246ff0d07f7e6a4e37d

  • SHA1

    4b44a9eb9c4d69bc19e6f931c6aaf1504acba02f

  • SHA256

    4c10ebf2339186ba1432a006b9062f41992017fb2578820fd08d29c5bdc9f8a6

  • SHA512

    e43412b817bdd4662cfe592ea656d1fa1b9feb67f54c0964185dc7699f87cc435c049838ea5934f9fb33e789eea9469c965016b0e7cb69ebb9ea72f849564056

  • SSDEEP

    768:ZCVucRFoqkp59YBvLdTv9ReVi4eFov5UHRFBx+1oadzX5k2i4gz+OFs2QDj:ZCocn1kp59gxBK85fBx+aa9i4bl

Targets

    • Target

      fcd0876b1f82c246ff0d07f7e6a4e37d_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    • An obfuscated cmd.exe command-line is typically used to evade detection.

    • Command and Scripting Interpreter: PowerShell

      Start PowerShell.
