General
-
Target
330cac94d023c83243c3ef43fb53ced6_JaffaCakes118
-
Size
242KB
-
Sample
240511-gk3sxabf24
-
MD5
330cac94d023c83243c3ef43fb53ced6
-
SHA1
c7787cf236d529c5063e5be11c209da3826a80c4
-
SHA256
0df96582929e65cfd240823ab1fab9b485135aa74403d0135ce6aa662149f68a
-
SHA512
619f0d3ddf91dfdbf9ac57e87947d1777390b13ad98c293f3ed6179a32122f20136ab883a1ff3c543d04dd3d48b086795a84a905302344ae45e4947aeeabe2ff
-
SSDEEP
3072:XYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////w:Z0uXnWFchmmcI/o1/Z1r
Behavioral task
behavioral1
Sample
330cac94d023c83243c3ef43fb53ced6_JaffaCakes118.doc
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
330cac94d023c83243c3ef43fb53ced6_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
Targets
-
-
Target
330cac94d023c83243c3ef43fb53ced6_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-