General
Target: 2c4bd045791506a7b824d6c30a4d3346_JaffaCakes118
Size: 175KB
Sample: 240509-3srw9shd22
MD5: 2c4bd045791506a7b824d6c30a4d3346
SHA1: 74c2a3b338288b5f779e099007da05084ce43990
SHA256: 0de620338216a3c13ea8a4d29f48ec20723321277d41c14f17c94fd8282dc32a
SHA512: f9e82c64136ad92fb1a5e6243b51c2f344e4400b5ef900385e8cea73dc9f32003f71a3d8ad525c2212c46e023f7f97c870e1d06a1fb8ec3468bd49730ba6ee93
SSDEEP: 3072:e20EgXSimeOy6MzJiNKDzaJFUKc0UTE7yZRUV7RJeOzi8E:e2yXrmaMEDzYUTE7yZRVUi8E
Static task: static1
Behavioral task: behavioral1
Sample: 2c4bd045791506a7b824d6c30a4d3346_JaffaCakes118.doc
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 2c4bd045791506a7b824d6c30a4d3346_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request