General

  • Target

    JaffaCakes118_145356f559186ff2bb984ca4a53c91d9

  • Size

    1.4MB

  • Sample

    250123-gqxh3sxkdr

  • MD5

    145356f559186ff2bb984ca4a53c91d9

  • SHA1

    9d8918f5596a19e093b2777c55cd5900afec601e

  • SHA256

    48c90e9bf2a1bc222607ca074a001e616ec79bbf4c912472ab615000bb7d49d5

  • SHA512

    0ca2a24430f6ddddf032fa101c1c060e0d888bece435eeb36c30e545eacf509a4abf394ee04ca42c2bdc67d04bf4dd17858822e9925d2310a9a9e2c955c809fa

  • SSDEEP

    24576:l/OCOfBqmI+hdNi8UEjIfJeL79C+95ljCc1YNjl+U/M6bzqJ9dswTWGQ+oYmCJXD:l/OCEfhDihEjIfJekElu1/xXqv2wTWxE

Targets

    • Target

      Crack.exe

    • Size

      1.4MB

    • MD5

      2302eace8e12fa460b14c2e6764ac952

    • SHA1

      e5caeb93f82243eec0d8f7fdb15efb3edc8c7386

    • SHA256

      b19b5b4e514e71c32861a2c70d8c5f07a2c83af2f5c36e1b41e1a26c856c88da

    • SHA512

      105676ae255d64101cb1aa7b2c6ceeb8301d5b12ae66d7542c99126c96b7606ae4a4af8ce9f07fb1ef746350f50e9b66d5d2eaa2c1cf946a2f3c3b713e8abf8c

    • SSDEEP

      24576:wFI54ZfTnzI+FdXbiEEkU3cemn9C/RyijTcdYMFc5AIMcMzpJe5toTOGN+oGqCJW:KI54RfFtbPEkU3ceJ0iHQIRUpMToTOIh

    • Score

      4/10

    • Target

      G-PROS~1.EXE

    • Size

      32KB

    • MD5

      4f597e155aa341b31c256c70f67a097b

    • SHA1

      c32cd541d971e6f823b085e0bea2579e5764a77f

    • SHA256

      694ce71682d85d6c56c6ca20f9d9ff8e558166ec228602d2a6cd60ac197401e7

    • SHA512

      6fc82a0959e42bf53d82491a565f8dbfa7a52f1e9b8bc98d5725d5fcc4dc2e377cf7a9adcb60d86fd3d816948bafc5439016f6728cd79d3426ee0586cd554af6

    • SSDEEP

      768:mqoxGVi3uS2kx34EvzJhAvBeSty4JmwDr:hfi3uSFx3XJhAr

    • Detected google phishing page

    • Modifies firewall policy service

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Legitimate hosting services abused for malware hosting/C2
