Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
2171d7a11c215bdd470fcd398c776b6d_JaffaCakes118
-
Size
599KB
-
Sample
240507-yfg43scd3y
-
MD5
2171d7a11c215bdd470fcd398c776b6d
-
SHA1
5e87f0159bd179e69d935f1fcbc29c17bb72cea7
-
SHA256
b8cc9e2b1509abfb88b4b570456839e5c00a7ffa52da7ef3333eef7d7b00922c
-
SHA512
ce7baa4240d9a4fd9b89019739d369276d4b5ada3bd831147fe20a95ae2263b71c5e824d54af0f17df5c44edb6501058e79490e52e3a759e1b3b8f42beb8fe8b
-
SSDEEP
12288:rosspP5Lzf8osspP5LzfdxrEjf3kEHjyaQ4:opP5LTLpP5LTDA1uaQ4
Static task
static1
Behavioral task
behavioral1
Sample
2171d7a11c215bdd470fcd398c776b6d_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Extracted
formbook
3.8
h35
maraudersinc.com
liebianwangluo.com
visit-australia.info
machiyane-kasukabe.com
hafizclub.com
merkburn.net
favoritetraffic2updating.win
adrian-oeser.net
nkshopdomaincpplt234.info
imperiodofutebol.com
welometocaloundra.com
thehealthypose.com
squalloptna.com
bobknowsbest.com
damgproperties.com
wastemastershire.co.uk
swacballet.com
japanbreakingnews.com
bjufaa.info
aryakuza.com
ericbellband.com
undecrypt.com
printrade.win
stfuxxxx.com
xn--m7rv64cc7d7q1an8c.com
aeints.net
agrotecsol.com
rntme.com
dqdrpmm.com
inseedbrand.com
0x1tenmoney.men
khudothidongvan2.com
newcasinouk.com
avocatdedieu.com
cagewo.com
tmay.ltd
35s4.review
blipeducated.com
businesscoveragetop.online
syxjsn.com
commspacein.com
johns.zone
cj336.com
mario-vestec.com
saviorpalliative.info
motherloderiches.com
socialworld.site
yongshiquan.com
listingbussiness.com
irritablebowelsyndromeip.com
brazoriacountynavy.info
greencoffeebeans.store
kk6z.com
blacktaxi.online
homeremedyforum.com
khujn.com
pipeai.com
www502789.com
bbz168.com
copydinner.win
wwwdld005.com
forumin3d.net
bacarragroup.com
sarandipiagaldar.com
dotcex.com
Targets
-
-
Target
2171d7a11c215bdd470fcd398c776b6d_JaffaCakes118
-
Size
599KB
-
MD5
2171d7a11c215bdd470fcd398c776b6d
-
SHA1
5e87f0159bd179e69d935f1fcbc29c17bb72cea7
-
SHA256
b8cc9e2b1509abfb88b4b570456839e5c00a7ffa52da7ef3333eef7d7b00922c
-
SHA512
ce7baa4240d9a4fd9b89019739d369276d4b5ada3bd831147fe20a95ae2263b71c5e824d54af0f17df5c44edb6501058e79490e52e3a759e1b3b8f42beb8fe8b
-
SSDEEP
12288:rosspP5Lzf8osspP5LzfdxrEjf3kEHjyaQ4:opP5LTLpP5LTDA1uaQ4
-
Formbook payload
-
Suspicious use of SetThreadContext
-