General
Target: 2ed751321df191d32d524910b7cea21c_JaffaCakes118
Size: 171KB
Sample: 240510-ndr66abc2z
MD5: 2ed751321df191d32d524910b7cea21c
SHA1: 532789b102a6823041d67946425a662465906749
SHA256: a4bf34957b238490108c4cba630f89765b964690efdd84422cdb0a4b1de81705
SHA512: 8715dc574e73a9fa8e95102d12c5b467322c6d7b2000b320bef4027746f31e4976844d2be7158823c48df810b79de91243f6abf3c4cfa74c9072ccef587bc04f
SSDEEP: 1536:LGGGGGGGGGG2xJLEt+LaaGGGGGGGGGGjLo9xiP2hCYey7dL6PhLtHrxM43atHtji:ZrfrzOH98ipgKHD+3KvoEwrQ
Behavioral task
behavioral1
Sample
2ed751321df191d32d524910b7cea21c_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2ed751321df191d32d524910b7cea21c_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory