Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a8bc890acfe5e57cf3d01900aebd544f_JaffaCakes118
-
Size
542KB
-
Sample
240403-2qr9ksfb5t
-
MD5
a8bc890acfe5e57cf3d01900aebd544f
-
SHA1
4019fbfaffbcb131ec9b2ebeb3701c5ac70b4f38
-
SHA256
60124b0a5822debc0cb0e7c877c74fee1bf50bac82dbdd5dc8e664cf487daed1
-
SHA512
ed5b0d358a22738fca472afe54d673355c5ed7b49e59491cf25faca7dc83ba7a2e49ae160643c7ec5f5cdb9974dc58cb0670d4025bb634418b09ec972efb9714
-
SSDEEP
12288:lz7ypuBB3IpMiw4Ef6M84ntMeBAofagCuOqPikH5P:xAuBBfUM8eB1fCuZPnP
Behavioral task
behavioral1
Sample
a8bc890acfe5e57cf3d01900aebd544f_JaffaCakes118.xls
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
a8bc890acfe5e57cf3d01900aebd544f_JaffaCakes118.xls
Resource
win10v2004-20240226-en
Malware Config
Extracted
http://94.140.112.22/45385.9497212963.dat
http://80.92.206.79/45385.9497212963.dat
http://23.106.125.39/45385.9497212963.dat
Extracted
http://94.140.112.22/45385.9497405093.dat
http://80.92.206.79/45385.9497405093.dat
http://23.106.125.39/45385.9497405093.dat
Targets
-
-
Target
a8bc890acfe5e57cf3d01900aebd544f_JaffaCakes118
-
Size
542KB
-
MD5
a8bc890acfe5e57cf3d01900aebd544f
-
SHA1
4019fbfaffbcb131ec9b2ebeb3701c5ac70b4f38
-
SHA256
60124b0a5822debc0cb0e7c877c74fee1bf50bac82dbdd5dc8e664cf487daed1
-
SHA512
ed5b0d358a22738fca472afe54d673355c5ed7b49e59491cf25faca7dc83ba7a2e49ae160643c7ec5f5cdb9974dc58cb0670d4025bb634418b09ec972efb9714
-
SSDEEP
12288:lz7ypuBB3IpMiw4Ef6M84ntMeBAofagCuOqPikH5P:xAuBBfUM8eB1fCuZPnP
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-