General

  • Target

    fcfed246fb7189abf69be6e01fdc48c3_JaffaCakes118

  • Size

    207KB

  • Sample

    240928-x9eelswaja

  • MD5

    fcfed246fb7189abf69be6e01fdc48c3

  • SHA1

    6174a7e9c6b29ce10fa4df221898f357ec4cd60c

  • SHA256

    44d115e6bc671cdd9776f8cce9c15db434bf9d68d7b3b678aaa2d8cf476547ee

  • SHA512

    59844214abc5ae501d3d7148942eb033aba8b63dce19fcff82a4e22de97249bb319e7bb2f45350b61711363a1707a62bad3c08e9a403512f6d53c79cc837ae5c

  • SSDEEP

    3072:h9EHoyEfcefBjvLUrUQxo6aeYON/LDXzPvYfcrRsCdEPF6a4U2EOUx6Z9oXYHqOM:wHCtwjSedtcfcrRw6a4eOUYb

Score
7/10

Targets

    • Target

      fcfed246fb7189abf69be6e01fdc48c3_JaffaCakes118

    • Score

      7/10

    • Deletes itself

    • Executes dropped EXE

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
