Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
4e18e09ebe9904bcc1665a03ccf7289c_JaffaCakes118
-
Size
139KB
-
Sample
240331-fw7essec7z
-
MD5
4e18e09ebe9904bcc1665a03ccf7289c
-
SHA1
682123a35c4ab059373eff365ad65302e00d5436
-
SHA256
9a0a90027d20cb15d3be76724f39f8b99e68837a2e0f8a781de7b3ae2895611a
-
SHA512
b65944c65ce2a516e4a22d0c7c390c0cf4170d75f47a5a7c40734f63c51690a2fccaab5f3b46532443441c836ba23fadd79726ee86582af82bfa11bd5d1efbda
-
SSDEEP
3072:Uk3hOdsylKlgxopeiBNhZFGzE+cL2kdAXc6YehWfGjtUHKGDbpmsiiB9030K+lrq:Uk3hOdsylKlgxopeiBNhZF+E+W2kdAXZ
Behavioral task
behavioral1
Sample
4e18e09ebe9904bcc1665a03ccf7289c_JaffaCakes118.xls
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
4e18e09ebe9904bcc1665a03ccf7289c_JaffaCakes118.xls
Resource
win10v2004-20240226-en
Malware Config
Extracted
http://194.104.136.62/45382.2186247685.dat
http://23.106.125.248/45382.2186247685.dat
http://79.141.165.17/45382.2186247685.dat
Extracted
http://194.104.136.62/45382.2185143519.dat
http://23.106.125.248/45382.2185143519.dat
http://79.141.165.17/45382.2185143519.dat
Targets
-
-
Target
4e18e09ebe9904bcc1665a03ccf7289c_JaffaCakes118
-
Size
139KB
-
MD5
4e18e09ebe9904bcc1665a03ccf7289c
-
SHA1
682123a35c4ab059373eff365ad65302e00d5436
-
SHA256
9a0a90027d20cb15d3be76724f39f8b99e68837a2e0f8a781de7b3ae2895611a
-
SHA512
b65944c65ce2a516e4a22d0c7c390c0cf4170d75f47a5a7c40734f63c51690a2fccaab5f3b46532443441c836ba23fadd79726ee86582af82bfa11bd5d1efbda
-
SSDEEP
3072:Uk3hOdsylKlgxopeiBNhZFGzE+cL2kdAXc6YehWfGjtUHKGDbpmsiiB9030K+lrq:Uk3hOdsylKlgxopeiBNhZF+E+W2kdAXZ
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-