General

  • Target

    JaffaCakes118_fd6e5d8063f715b2760962f7807789d2

  • Size

    911KB

  • Sample

    250215-3hsqtazngn

  • MD5

    fd6e5d8063f715b2760962f7807789d2

  • SHA1

    979636dde4677677bbac609e02985ab3db2b8bfa

  • SHA256

    db04d2f0fbeafd9752bf15a041c2eee8885c5fb07db23292f78a38a69aef2056

  • SHA512

    e4f2b02ad41d1f6c46e58191155254a21604315e7d1f7751ce18361ab9c8cfee9e92a961fd6659f1fe23c8bead04e7942e1697342aa9157d0c676a3968b12f59

  • SSDEEP

    24576:OpvQqeRXP90Fif80jTFU5Tqoc2QCOcsscu:OZQvvAXQvycu

Targets

    • Detected google phishing page

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory
