General
-
Target
425d9a1f5eb07f8ba4ed354c757bb72e_JaffaCakes118
-
Size
9KB
-
Sample
240514-watvksgd2w
-
MD5
425d9a1f5eb07f8ba4ed354c757bb72e
-
SHA1
c96f2b98374f7e2328f1e1ab80eed15fb6048198
-
SHA256
92a44d57e21fb7eb09cd897249ae3d2b3822f05f86846f9d3dfe9f750e96b362
-
SHA512
c68e905289f1c6311b32084e55015adb97451a183aa4c228f320957b4b2fccaf6a4fa930d880632e03d44d77e8ab5fb51014cf33c0cdafae1c5e179faf51ab86
-
SSDEEP
96:5W9ZUDRCWmCqm9RYs8A3CNiLUB2cZmNwMwGgSe3OhTy/33s1l/S:0ulhc0222zGgJ3OhTy/cS
Static task
static1
Behavioral task
behavioral1
Sample
425d9a1f5eb07f8ba4ed354c757bb72e_JaffaCakes118.vbs
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
425d9a1f5eb07f8ba4ed354c757bb72e_JaffaCakes118.vbs
Resource
win10v2004-20240426-en
Malware Config
Targets
-
Target
425d9a1f5eb07f8ba4ed354c757bb72e_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Adds Run key to start application
-
Drops file in System32 directory
-