General
-
Target
14daa4102435e660c6bb0ee22647be5f_JaffaCakes118
-
Size
249KB
-
Sample
240504-2xe8laed2w
-
MD5
14daa4102435e660c6bb0ee22647be5f
-
SHA1
2d5e7f62e05070d47172f78261fcd51981d729f4
-
SHA256
be308880645b0a69fc1542b416dc00d1af234a51bfc2bb94ab8f499474fc605f
-
SHA512
6c46362575444c328a9259034cf92aff13580d2e40da94826b0cdd0de82a22618c479d52874c48b30237e492e1250c63bf301a886b23f37c66f549a562c47d5c
-
SSDEEP
3072:YyfLEIteDJp626aAaP/2iFsPZkjL/xSu90OoiLuDKZXfwKeljR1B:YyfL8Ozda32rZSxUOmD+XfwLl
Static task
static1
Behavioral task
behavioral1
Sample
14daa4102435e660c6bb0ee22647be5f_JaffaCakes118.doc
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
14daa4102435e660c6bb0ee22647be5f_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
Targets
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-