General
Target
268104ac7fd244e33b0d072e3aaf8c7f_JaffaCakes118
Size
194KB
Sample
240508-ytz7tada6t
MD5
268104ac7fd244e33b0d072e3aaf8c7f
SHA1
165cb836f16b05ebb35ff609e09721a9df871427
SHA256
b91795826d1ceca51e57aeb1aa43ac0960c1aed23a0a8ea2949528f7a5938598
SHA512
795ebe5b1ee0df803b4dfe356d51a8c1a571133f917e2864e4accb71dadcbaa0ee8e79dafb4fdf0c2bd980b6c3115bccf2e6ff5cc3d96fbcaf5ab7a4c51e4934
SSDEEP
1536:DGGGGGGGGGG2xJLEt+LaaGGGGGGGGGGjLo9xilqfqdFTaFVT/EA8s9p8cjMfmVS9:+rfrzOH98ipgAd58cxs
Behavioral task
behavioral1
Sample
268104ac7fd244e33b0d072e3aaf8c7f_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
268104ac7fd244e33b0d072e3aaf8c7f_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
Targets
Target
268104ac7fd244e33b0d072e3aaf8c7f_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory