General
Target: 99d4e6823ca77891ffbdf29922bd1272_JaffaCakes118
Size: 629KB
Sample: 240402-3azjdsge6v
MD5: 99d4e6823ca77891ffbdf29922bd1272
SHA1: 1427cf992d01da50eb250b33303d3f8873b989a8
SHA256: e469a3442dbede6e908755799fb367c6f7d729e46b3bc7cf67bca3fa28238ab4
SHA512: 28583cf69a39565fdc90e39bf91000c1a9db6dda2ee17c437a7d5644edefb0d2b3d88b591fb7c178333d04a8e9e02634f31a28db650c7d9d8889ca6e4716aa76
SSDEEP: 12288:ebqTtukI4DLk+N76BI7G+eDYYQgc6gID6ijVAm5vbZ82NHKLtO2:OmukI6Y+N7uDgl6gI9VAm5vzs
Behavioral task: behavioral1
Sample: 99d4e6823ca77891ffbdf29922bd1272_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 99d4e6823ca77891ffbdf29922bd1272_JaffaCakes118.doc
Resource: win10v2004-20240319-en
Malware Config
Extracted
http://18.195.143.183/7/7/RQL_0506111780.exe
Targets
Target: 99d4e6823ca77891ffbdf29922bd1272_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.