General
Target: 409e6844a25e1e2066eda833da6968e7_JaffaCakes118
Size: 159KB
Sample: 240514-hv9vmsee6y
MD5: 409e6844a25e1e2066eda833da6968e7
SHA1: 66a4f1bec5bccc0c85ee37e7e6c6783758f0da11
SHA256: e82e2f66ed32cd20f0d00ec484e270ab47084cb2fe8f88e1f00b9eb507e30168
SHA512: d7647dc3360f763be2a64edc2f72a16d29ac7a8bcc99313e33068cd59fd56976c3906af03f125bb050b4873f9185d364610abf5ea4adb77eafc99522efe20627
SSDEEP: 1536:+iaqasrdi1Ir77zOH98Wj2gpngx+a9hxRiqLE8ct2PU7eXKSSxH5ppJxjFWT:+0rfrzOH98ipgZkJxjFWT
Behavioral task
behavioral1
Sample: 409e6844a25e1e2066eda833da6968e7_JaffaCakes118.doc
Resource: win7-20231129-en
Behavioral task
behavioral2
Sample: 409e6844a25e1e2066eda833da6968e7_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory