General

  • Target

    086cdcecfba4044398f361ff7fae0321_JaffaCakes118

  • Size

    98KB

  • Sample

    241002-ctwzhawdnh

  • MD5

    086cdcecfba4044398f361ff7fae0321

  • SHA1

    adfc5437b1e240f6ae8a6e3b1b495e095d857207

  • SHA256

    a49f11e354c0edc509faea7b99a116a1ad402c72faa17a9354f7daaea6e03adb

  • SHA512

    fad5fce88ff8e7285998ad0fdd87048b5723ea338e84214e0fcd0a20ab8f065ca916c36badef17df69c8c388de19a994075d00d12ab6523144846f4cfd14c232

  • SSDEEP

    1536:fCJVWpuVbSn1BlTiQDaKts99iMfg3UzQkOv:fCJXOn7speUzQv

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    griptoloji
  • Password:
    741852

Targets

    • Target

      086cdcecfba4044398f361ff7fae0321_JaffaCakes118

    Score
    10/10
    • Executes dropped EXE

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
