General
Target: 17c1864a92b2089696428c6ba3610db1_JaffaCakes118
Size: 159KB
Sample: 240505-p36aradg36
MD5: 17c1864a92b2089696428c6ba3610db1
SHA1: 16961ba6c5f19d189a3aed4654abe31736e15cd8
SHA256: ff89c1fbff53a20e37f95ba53c554cc3e185ffea3af08c722c963aced19af949
SHA512: 9960386f6be5b06121e3ef9643722653cabe417fb43e25cbec3f51f6830b7746c030c168931c2b711cb33ce216c68e4a008b0867009217fe3cc65b6917120786
SSDEEP: 1536:+iaqasrdi1Ir77zOH98Wj2gpngx+a9CxRiqLE8ct2PU7eXKSSxH5ppJxuFWD:+0rfrzOH98ipgqkJxuFWD
Behavioral task: behavioral1
Sample: 17c1864a92b2089696428c6ba3610db1_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 17c1864a92b2089696428c6ba3610db1_JaffaCakes118.doc
Resource: win10v2004-20240419-en
Malware Config
Extracted
Targets
Target: 17c1864a92b2089696428c6ba3610db1_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory