a806686b567ee3c95a5f3467209e88b9ba62bf10f9783004873c802ac4f4cd1d | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

f71e8dfcb7...8.xlsm

windows7-x64

f71e8dfcb7...8.xlsm

windows10-2004-x64

6

Sharing

General

Target

f71e8dfcb74e6e41a97bd6e9c60b5e67_JaffaCakes118
Size

41KB
Sample

240418-djpm4sae2x
MD5

f71e8dfcb74e6e41a97bd6e9c60b5e67
SHA1

6d78c0a0be761b764fb3c00eda747310e71bf5fc
SHA256

a806686b567ee3c95a5f3467209e88b9ba62bf10f9783004873c802ac4f4cd1d
SHA512

2651cd6f3c998b824b1b63d6e2f95ab53d922697cdd0f576883ea0830b728426773e797e88719ebeaa7e279ef5d6669ae9e494cc1f8bcbb506e773eababd37fd
SSDEEP

768:OH69bfxnua2XpQotJQ/+/0VvhFqe/jAx+Ab7JJCgRd3TTZSxgfCIOW0Zngbc:+6Xua2a4yvhF1/ej3zCS3ZSxPZnR

Score

10^/10

Static task

static1

Behavioral task

behavioral1

Sample

f71e8dfcb74e6e41a97bd6e9c60b5e67_JaffaCakes118.xlsm

Resource

win7-20240215-en

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

f71e8dfcb74e6e41a97bd6e9c60b5e67_JaffaCakes118.xlsm

Resource

win10v2004-20240226-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  f71e8dfcb74e6e41a97bd6e9c60b5e67_JaffaCakes118
- Size
  
  41KB
- MD5
  
  f71e8dfcb74e6e41a97bd6e9c60b5e67
- SHA1
  
  6d78c0a0be761b764fb3c00eda747310e71bf5fc
- SHA256
  
  a806686b567ee3c95a5f3467209e88b9ba62bf10f9783004873c802ac4f4cd1d
- SHA512
  
  2651cd6f3c998b824b1b63d6e2f95ab53d922697cdd0f576883ea0830b728426773e797e88719ebeaa7e279ef5d6669ae9e494cc1f8bcbb506e773eababd37fd
- SSDEEP
  
  768:OH69bfxnua2XpQotJQ/+/0VvhFqe/jAx+Ab7JJCgRd3TTZSxgfCIOW0Zngbc:+6Xua2a4yvhF1/ej3zCS3ZSxPZnR
Score

10^/10
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
- Process spawned suspicious child process
  This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy