Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

8

2b55fd8225...18.doc

windows7-x64

10

2b55fd8225...18.doc

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2b55fd8225bbb246505b3977b3f9a771_JaffaCakes118

  • Size

    87KB

  • Sample

    240509-w9evpsbg94

  • MD5

    2b55fd8225bbb246505b3977b3f9a771

  • SHA1

    69011ee374a24aaf95d295dfcc1caf7e40134116

  • SHA256

    c5062955b084ce13e9c6dcf285f4d664554b3f71de1e35af8238d2f717bb8863

  • SHA512

    465d673ffba4ed16b4d1d64eba50ef2b4ddb7d27c8d0aece9f8a61b2b8dc166e26f31d741b84c18fac9f327a7d5190e37d0c6d10571d5fe285321ec77bae467f

  • SSDEEP

    1536:07ljmW9/bvF8kDK3cvyQa2E1XFjmCaIH84G+a9:Wl/bvF8OnaJ1XtxaIH84

Score
10/10
macro

Malware Config

Extracted

Language
ps1
Deobfuscated
URLs
exe.dropper

http://www.ozturcanakkale.com/veh
exe.dropper

http://jalvarshaborewell.com/qKkg
exe.dropper

http://kikakeus.nl/dgc0WYq9
exe.dropper

http://pashkinbar.ru/cWGU
exe.dropper

http://cisteni-studni.com/qb1Y2

Targets

    • Target

      2b55fd8225bbb246505b3977b3f9a771_JaffaCakes118

    • Size

      87KB

    • MD5

      2b55fd8225bbb246505b3977b3f9a771

    • SHA1

      69011ee374a24aaf95d295dfcc1caf7e40134116

    • SHA256

      c5062955b084ce13e9c6dcf285f4d664554b3f71de1e35af8238d2f717bb8863

    • SHA512

      465d673ffba4ed16b4d1d64eba50ef2b4ddb7d27c8d0aece9f8a61b2b8dc166e26f31d741b84c18fac9f327a7d5190e37d0c6d10571d5fe285321ec77bae467f

    • SSDEEP

      1536:07ljmW9/bvF8kDK3cvyQa2E1XFjmCaIH84G+a9:Wl/bvF8OnaJ1XtxaIH84

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks