Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
5a47c83afe361294f04dc2d1135a147f_JaffaCakes118
-
Size
629KB
-
Sample
240331-wps7laha26
-
MD5
5a47c83afe361294f04dc2d1135a147f
-
SHA1
0f6a703da0847040237fe866d0edfb2179f84d70
-
SHA256
0ab967cedf8b0dad891484aea1f1319fdf6360803f68cf11dcd4cedc79f015a4
-
SHA512
faad232f2410db410d11f380e42484d19e0b8b4bc803822f710f12513d17de8b2a5349d660df631cb36df6be0b5a07c6e9a95048b84cf3bb517f96c925ddf667
-
SSDEEP
12288:mbqTtukI4DLk+N76BI7G+eDYYQgc6gID6ijVAm5vbZ82NHKLtO2:GmukI6Y+N7uDgl6gI9VAm5vzs
Behavioral task
behavioral1
Sample
5a47c83afe361294f04dc2d1135a147f_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
5a47c83afe361294f04dc2d1135a147f_JaffaCakes118.doc
Resource
win10v2004-20240226-en
Malware Config
Extracted
http://18.195.143.183/7/7/IMG_0211678531077.exe
Targets
-
-
Target
5a47c83afe361294f04dc2d1135a147f_JaffaCakes118
-
Size
629KB
-
MD5
5a47c83afe361294f04dc2d1135a147f
-
SHA1
0f6a703da0847040237fe866d0edfb2179f84d70
-
SHA256
0ab967cedf8b0dad891484aea1f1319fdf6360803f68cf11dcd4cedc79f015a4
-
SHA512
faad232f2410db410d11f380e42484d19e0b8b4bc803822f710f12513d17de8b2a5349d660df631cb36df6be0b5a07c6e9a95048b84cf3bb517f96c925ddf667
-
SSDEEP
12288:mbqTtukI4DLk+N76BI7G+eDYYQgc6gID6ijVAm5vbZ82NHKLtO2:GmukI6Y+N7uDgl6gI9VAm5vzs
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-