e0a08ff6494168340f1d1b926506848ca74ffb4b90cf9c6b6305266a1c9328e4 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

27dabbb4ea...18.doc

windows7-x64

1

27dabbb4ea...18.doc

windows10-2004-x64

1

decrypted.xlsx

windows7-x64

8

decrypted.xlsx

windows10-2004-x64

1

Sharing

General

Target

27dabbb4eaf2447b5b0e5276aa233ba8_JaffaCakes118
Size

595KB
Sample

240329-vqn4ladg98
MD5

27dabbb4eaf2447b5b0e5276aa233ba8
SHA1

695bb0dacc42e9cd95da75f2d5d382ad9922d662
SHA256

e0a08ff6494168340f1d1b926506848ca74ffb4b90cf9c6b6305266a1c9328e4
SHA512

802b99ec0dd0b61fdcf55a224bd187fc16e8d5ab1d82c3fb31425787bc22a9df2ecee06e65708f3e8fc93ee24c51d85b088febc998457f15441f3d32b13bbcdc
SSDEEP

12288:S9oJmwAOkdtR00osOK2lvl60gttjfUPBl3t6try10Uh2zkmu:SqmGkHeD3TDRg3W6tW0U9X

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

27dabbb4eaf2447b5b0e5276aa233ba8_JaffaCakes118.doc

Resource

win7-20240221-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

27dabbb4eaf2447b5b0e5276aa233ba8_JaffaCakes118.doc

Resource

win10v2004-20240319-en

windows10-2004-x64

7 signatures

150 seconds

Behavioral task

behavioral3

Sample

decrypted.xlsx

Resource

win7-20240221-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral4

Sample

decrypted.xlsx

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  27dabbb4eaf2447b5b0e5276aa233ba8_JaffaCakes118
- Size
  
  595KB
- MD5
  
  27dabbb4eaf2447b5b0e5276aa233ba8
- SHA1
  
  695bb0dacc42e9cd95da75f2d5d382ad9922d662
- SHA256
  
  e0a08ff6494168340f1d1b926506848ca74ffb4b90cf9c6b6305266a1c9328e4
- SHA512
  
  802b99ec0dd0b61fdcf55a224bd187fc16e8d5ab1d82c3fb31425787bc22a9df2ecee06e65708f3e8fc93ee24c51d85b088febc998457f15441f3d32b13bbcdc
- SSDEEP
  
  12288:S9oJmwAOkdtR00osOK2lvl60gttjfUPBl3t6try10Uh2zkmu:SqmGkHeD3TDRg3W6tW0U9X
Score

1^/10
behavioral1 behavioral2
- Target
  
  decrypted
- Size
  
  586KB
- MD5
  
  5c3b38135d6af0c13edd2a4ab56e3fee
- SHA1
  
  05b415b0b93195838258acba1c5431eff79ff12a
- SHA256
  
  8f6bd28a507af02d43cf0e29d9b213e9b5a938ad2c314097ad4fbaca1d986256
- SHA512
  
  f3bd952e0749616e1d764f0254573fad16353531e780bf5f9e87219a97d9fbd025f221466bc2cf83b962d63aa121f93b2cbf7c4bede930b3001457dfdde21ef3
- SSDEEP
  
  12288:VQdrtkaEfAJoa+0zl/SqwbRXbnumIYSDZX9tra0JOrMGZ5NtSdZ1:aNuaEIJoa+3nb7E9w0Js1TSdZ1
Score

8^/10
- Blocklisted process makes network request
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Exploitation for Client Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

© 2018-2025

Terms | Privacy