General
Target: 9934f525e8ea1c8a4b24a3f2e4bc41fe_JaffaCakes118
Size: 629KB
Sample: 240402-2qxt3agb33
MD5: 9934f525e8ea1c8a4b24a3f2e4bc41fe
SHA1: 579e8c03eac407eb6cc268419d0cc39ea743a14e
SHA256: a39fb6c88577cf1433d6c45a30ae8f9cd746431a81a8f0e883ebdeaf3479b220
SHA512: cbb3131747ad5ceed607606ba39b3562d9c1d55c293c41491fb2a2d3c832be5bb75cce572d22cab8d541b2854932feee102377e4c57f5236008a159379d4a798
SSDEEP: 12288:zbqTtukI4DLk+N76BI7G+eDYYQgc6gID6ijVAm5vbZ82NHKLtO2:HmukI6Y+N7uDgl6gI9VAm5vzs
Behavioral task: behavioral1
Sample: 9934f525e8ea1c8a4b24a3f2e4bc41fe_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 9934f525e8ea1c8a4b24a3f2e4bc41fe_JaffaCakes118.doc
Resource: win10v2004-20240226-en
Malware Config
Extracted
http://18.195.143.183/7/7/BTL_01145120_160850IMG.exe
Targets
Target: 9934f525e8ea1c8a4b24a3f2e4bc41fe_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.