General

  • Target

    e95106110f882f19d455be554e72ac67_JaffaCakes118

  • Size

    105KB

  • Sample

    241213-ca8tysvlb1

  • MD5

    e95106110f882f19d455be554e72ac67

  • SHA1

    b9470bed11697ef234fcbf6954252cf5cbd5afcd

  • SHA256

    7dabf4fbbdc55189076e3207b13771f50d1beb743f828e095b85836539655c69

  • SHA512

    5b443fc99939899335bc79ad4336bf45916ee22fbbe26412d25d64ab2922fd0f8d691c2fdd063b6905befa9464a01ad88bc1e0ff0d5c314dfefc966301782a44

  • SSDEEP

    3072:+dvJwlsQZ232UjjsSSTSEFO9FaNy6dim:+dBR2mjpSTSjaNy6dim

Malware Config

Extracted

Family

sality

C2

http://89.119.67.154/testo5/

http://kukutrustnet777.info/home.gif

http://kukutrustnet888.info/home.gif

http://kukutrustnet987.info/home.gif

http://www.klkjwre9fqwieluoi.info/

http://kukutrustnet777888.info/

Targets

    • Sality

      Sality is a backdoor written in C++, first discovered in 2003.

    • Sality family

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
