General

  • Target

    08ef5a78797711af0272d3c359542c0f_JaffaCakes118

  • Size

    226KB

  • Sample

    240430-d54n6abc66

  • MD5

    08ef5a78797711af0272d3c359542c0f

  • SHA1

    28c9a4510f85c7ac448d4eff9e4a52ee52b5df6c

  • SHA256

    6d621aff2dbcb6279bc1144dcd581cf0879a03d94a6b2a73dde2e67ffc0e6a0a

  • SHA512

    be08ebcedc2c663bc2365bd7f635e627162f976f615bbefea513a87eaad3b5817e3298c8247c8049cca59ebdedfeb1220d8ecbf03541c27809f558aa92eea9d3

  • SSDEEP

    6144:1k3hOdsylKlgxopeiBNhZF+E+W2kdAKRfjpozsCYKPcVe9QmkHHkw2iB4OYrjjuf:SKICYKPcVe9QmkHHkw2iB4OYrjjuxwcp

Score
10/10

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://jumper.rocks/wp-index.php

xlm40.dropper

https://jumper.yoga/wp-index.php

Targets

    • Target

      08ef5a78797711af0272d3c359542c0f_JaffaCakes118

    Score
    10/10
    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.
