Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
75b4238c2f85004e081db828b23a5cec_JaffaCakes118
-
Size
542KB
-
Sample
240401-vp6bgsac4w
-
MD5
75b4238c2f85004e081db828b23a5cec
-
SHA1
49de5b1aa6a602788242a5e903ec2b55143c0231
-
SHA256
b2faad8a27986b771bf08154f5cf8f0557d924f99569243079255da2ef460ba0
-
SHA512
42cef1f3667ae2d6760c578ba0a842cdebb86b6a9ed1f508521b6364f9ad95caf1b68904831ef4cdacbbe7a22a52eef0bc6639a5959bbc0c7ddab0bacd3beef9
-
SSDEEP
12288:uz7ypuBB3IpMiw4Ef6M84ntMeBAofagCuOqPikH5m:WAuBBfUM8eB1fCuZPnm
Behavioral task
behavioral1
Sample
75b4238c2f85004e081db828b23a5cec_JaffaCakes118.xls
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
75b4238c2f85004e081db828b23a5cec_JaffaCakes118.xls
Resource
win10v2004-20240226-en
Malware Config
Extracted
http://190.14.37.236/45383.7161570602.dat
http://101.99.90.73/45383.7161570602.dat
http://194.36.191.16/45383.7161570602.dat
Extracted
http://190.14.37.236/45383.7160831019.dat
http://101.99.90.73/45383.7160831019.dat
http://194.36.191.16/45383.7160831019.dat
Targets
-
-
Target
75b4238c2f85004e081db828b23a5cec_JaffaCakes118
-
Size
542KB
-
MD5
75b4238c2f85004e081db828b23a5cec
-
SHA1
49de5b1aa6a602788242a5e903ec2b55143c0231
-
SHA256
b2faad8a27986b771bf08154f5cf8f0557d924f99569243079255da2ef460ba0
-
SHA512
42cef1f3667ae2d6760c578ba0a842cdebb86b6a9ed1f508521b6364f9ad95caf1b68904831ef4cdacbbe7a22a52eef0bc6639a5959bbc0c7ddab0bacd3beef9
-
SSDEEP
12288:uz7ypuBB3IpMiw4Ef6M84ntMeBAofagCuOqPikH5m:WAuBBfUM8eB1fCuZPnm
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-