General
Target: a4a76c9ae8211bcd264532909f8c2875_JaffaCakes118
Size: 136KB
Sample: 240403-x7e85aag84
MD5: a4a76c9ae8211bcd264532909f8c2875
SHA1: 4b9dcfd9c92c956f17a48a1b9dd2299f328a08e5
SHA256: 167a95957c76896288917c0d90f05bfa1c5761c048199fafd334d414b0296f45
SHA512: 4a2150fac8acfb60a2d4408a2df2d9b4d7b31eed7705bb96f9fb7a82b77423434889226209ac2f6b31befec36b92965463b3bf8b70ec051d83a942a58dfbf4f3
SSDEEP: 3072:vk3hOdsylKlgxopeiBNhZFGzE+cL2kdA6c6YehWfGMtUHKGDbpmsiitGmZyAqgOb:vk3hOdsylKlgxopeiBNhZF+E+W2kdA6m
Behavioral task: behavioral1
Sample: a4a76c9ae8211bcd264532909f8c2875_JaffaCakes118.xls
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: a4a76c9ae8211bcd264532909f8c2875_JaffaCakes118.xls
Resource: win10v2004-20240226-en
Malware Config
Extracted
http://188.165.62.61/45385.8122012731.dat
http://79.141.171.170/45385.8122012731.dat
http://185.244.150.138/45385.8122012731.dat
Targets
Target
a4a76c9ae8211bcd264532909f8c2875_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.