General
Target: 17791bac7754950867e1dae692f812ca_JaffaCakes118
Size: 190KB
Sample: 240505-nngheaca62
MD5: 17791bac7754950867e1dae692f812ca
SHA1: 93d20b3d1f885dab43c3cbe4cbdd27fe3c343f21
SHA256: cb488450f7c6cb90bdc78dc2e6febe6e9eb0f44713212f6737a5d686a5c682ce
SHA512: cefc2275279b7aa22ec18d3f6959bdd6f7532a3f75e9c4919c0270f8a0469b7f58fef6c8cd00065b26b3ee4e92e651fcb6721b3dfb73d3a1d3a137671e568cc6
SSDEEP: 3072:uvHv22TWTogk079THcpOu5UZpNu81zUz4LKTJ:E/TX07hHcJQbuezUEL8J
Behavioral task: behavioral1
Sample: 17791bac7754950867e1dae692f812ca_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 17791bac7754950867e1dae692f812ca_JaffaCakes118.doc
Resource: win10v2004-20240419-en
Malware Config
Extracted
Targets
Target: 17791bac7754950867e1dae692f812ca_JaffaCakes118
Score: 10/10
Process spawned unexpected child process: This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory