Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
358d0deb05e22e9190356f31814cc768_JaffaCakes118
-
Size
323KB
-
Sample
240511-t6w9gaaf48
-
MD5
358d0deb05e22e9190356f31814cc768
-
SHA1
fd5b594092d9c0956c58fa784aeac6b33db728c6
-
SHA256
8f3d11ee0a6f59a0a86ea7bb4989e22cf4463d729f8aabb931457556aaf87797
-
SHA512
427f57f2f4f0b78ff99550c1566f2a2fa9b503a67bec2ce02b2ceca3a226d51d921d2294e0728a1bdfc36039288d4fa418b6b95fe63732677de8127e9d0ab306
-
SSDEEP
6144:AG5/BnVfRFJ7KK9aHScdX9znGUbd7e1+gsIUF25Q/YB2KBhCET/Gh:A2n9R/lA5dX9znGUbwggaFJ/YBTT/2
Behavioral task
behavioral1
Sample
358d0deb05e22e9190356f31814cc768_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
358d0deb05e22e9190356f31814cc768_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
http://katleyafloreria.com/n0vpOjlS
http://ingramjapan.com/h9XwHYQu
http://farmsys.scketon.com/GKGY9e4v
http://truenorthtimber.com/CSncj8f
http://karditsa.org/ohCJotRf8F
Targets
-
-
Target
358d0deb05e22e9190356f31814cc768_JaffaCakes118
-
Size
323KB
-
MD5
358d0deb05e22e9190356f31814cc768
-
SHA1
fd5b594092d9c0956c58fa784aeac6b33db728c6
-
SHA256
8f3d11ee0a6f59a0a86ea7bb4989e22cf4463d729f8aabb931457556aaf87797
-
SHA512
427f57f2f4f0b78ff99550c1566f2a2fa9b503a67bec2ce02b2ceca3a226d51d921d2294e0728a1bdfc36039288d4fa418b6b95fe63732677de8127e9d0ab306
-
SSDEEP
6144:AG5/BnVfRFJ7KK9aHScdX9znGUbd7e1+gsIUF25Q/YB2KBhCET/Gh:A2n9R/lA5dX9znGUbwggaFJ/YBTT/2
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-