General
Target: 5f3431015a20dfe91d5a3c307c665890_JaffaCakes118
Size: 145KB
Sample: 240331-1vskgadg63
MD5: 5f3431015a20dfe91d5a3c307c665890
SHA1: eb5968420d8bbabe0f37bda36ddc6c08ac01c7ed
SHA256: 3b9fc92b72734a6257272850910f2c59ba7aa1633ef234f2f7b8bbeb8eef9075
SHA512: 2f6e18b5c87a9d8ea3ff983f6cb325c7d75ac8fab8e2b212a863443bbdb1578effd3accb5815a0b103470bb56e37576ae6f848368f3d6af2d3b25f9a21498d2c
SSDEEP: 3072:u2VXXvI6nUshy4hCPl5RZI68y1FbEHm9Bo3t2aiH8wR:C6UshyPtSwbEHmo3lob
Behavioral task: behavioral1
Sample: Service-Interrupt-335864247.xls
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: Service-Interrupt-335864247.xls
Resource: win10v2004-20231215-en
Malware Config
Extracted
http://185.244.150.146/45382.9157380787.dat
http://178.23.190.242/45382.9157380787.dat
http://23.106.124.53/45382.9157380787.dat
Extracted
http://185.244.150.146/45382.9157439815.dat
http://178.23.190.242/45382.9157439815.dat
http://23.106.124.53/45382.9157439815.dat
Targets
Target: Service-Interrupt-335864247.xls
Size: 138KB
MD5: aa7a6477eddfe02b28d0dcef749c5203
SHA1: 5e9dc557b31772b5a0cfca7d0bb1fc5ff0a76390
SHA256: f714bfd8605b8f2af133dddb51d5f507025febeefce86a8ad6f9eacfba0d7aed
SHA512: ef4770ba6df4ba28dad8d270d0b41b4c1650a231574b21802bcc915ddc105c9f69d6d55b7f5655d5ece2aeddeb46c57a8c517b93a95705245f73b8783c2e6cd0
SSDEEP: 3072:Ek3hOdsylKlgxopeiBNhZFGzE+cL2kdARc6YehWfGvtUHKGDbpmsii2+mZyAqgI8:Ek3hOdsylKlgxopeiBNhZF+E+W2kdARN
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.