General

  • Target

    0b15d98a371adb04e50e4c8f3b260808_JaffaCakes118

  • Size

    34KB

  • Sample

    241002-rmnf4s1akn

  • MD5

    0b15d98a371adb04e50e4c8f3b260808

  • SHA1

    04125f8c16b7b4907c92a5986df6604525ac1d5c

  • SHA256

    ad0b17e7d9c8f6d00ed02e3ce2825cdf3841482ac02f8a9d1b531e5f4f2a69b6

  • SHA512

    72c9d3abb89a8e6de1ac6ec5b45e69d0f78cd42fcc2c7174f64ca426df073dd739f4d2efdaaf8f7ef2d3170194f0003eee16f42b8b4a0c436a16b51ed4fca643

  • SSDEEP

    768:mzQYScGrIubHuYtvdxwYHw5FAe2QJncwxQ:gQTIubHy5wQJc

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    onthelinux
  • Password:
    741852abc

Targets

    • Target

      0b15d98a371adb04e50e4c8f3b260808_JaffaCakes118

    Score
    10/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
