General
Target
17416f7997c337602bdd1a62be41b54c_JaffaCakes118
Size
114KB
Sample
240505-mhs4ksaf36
MD5
17416f7997c337602bdd1a62be41b54c
SHA1
f40cc56fab62e619fcecbda14e7bf6e40cdf104f
SHA256
3eee95e3aa76b5a69f0af4b8f2be5ca3dc1ad9a5a3801cb52ab6c1c3af2b4bdb
SHA512
27c946eabac63893bf930c99c74e7d27cbb8e6f3e60d527d66d4b5d08f00a41fedb7e28630740bfa6933bafb87d044fd46a8fe6abc0e28af91d3f9ff457541ce
SSDEEP
1536:EY9GPST/p0wPIHkwZ8HZOVMDDwUmqD2CufCFr6aEqQmCVnD32+1SWvySdtxN:ZF9RAE+KZycnFImCdvaktxN
Static task
static1
Behavioral task
behavioral1
Sample
17416f7997c337602bdd1a62be41b54c_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
17416f7997c337602bdd1a62be41b54c_JaffaCakes118.doc
Resource
win10v2004-20240419-en
Malware Config
Extracted
http://www.deepwebeye.com/bIOkIze
http://www.ensleyortho.com/ES14ezQtPA
http://www.finetsolutions.com/6X5wMUi
http://www.gicals.com/QveilV42wN
http://www.getmyprospects.com/mQOFmMA
Targets
Target
17416f7997c337602bdd1a62be41b54c_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request