General

  • Target

    38722f871aba1f7ca605804bcafc21da_JaffaCakes118

  • Size

    35KB

  • Sample

    241012-e8ls7ayanj

  • MD5

    38722f871aba1f7ca605804bcafc21da

  • SHA1

    7f27bf3999bbcb7e06c58e5935d206f62a219721

  • SHA256

    05f00d441ce0d850d14111ce67deb67c3c75cfa04fa50954373564bbb003ed36

  • SHA512

    31fffe1280ce7a684ce2b50a238cffbc860cac6fbdc4812b54584b81cf67c6b566f62e3688c461767c26f1d1bed0abd3887a09f08cea675548e260ab46568523

  • SSDEEP

    768:NqQoj/dSzNVQ1mDNJWbKEdBMQXQ3Cn4eQQYrcwxoZ:MQoj/YNJcAQY2

Score
10/10

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.tripod.com
  • Port:
    21
  • Username:
    griptoloji
  • Password:
    741852

Targets

    Score
    10/10
    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
