General
Target: 4d8721014a4b725904caefafb0b0648d_JaffaCakes118
Size: 190KB
Sample: 240516-3caytaea65
MD5: 4d8721014a4b725904caefafb0b0648d
SHA1: 49793c41dd2a025430b9ef2efc1a8f92350e7d74
SHA256: 33e168b521382917594b49a8c47277c2f6dab44b32fa8e09073ec5f80ccd1480
SHA512: 17723e10055874d2aa1004f87af86446fc836ac4515e7e290b8d1551508bece27230e1f64047a17768a0b5bb1fd6afa28078a7ca89b228aa643a64518bf86761
SSDEEP: 3072:i9ufstRUUKSns8T00JSHUgteMJ8qMD7gj+0zKNf9cfmfE7qdmVJKk/Juvc5a8a8b:i9ufsfgIf0pLhKby
Static task: static1
Behavioral task: behavioral1
Sample: 4d8721014a4b725904caefafb0b0648d_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 4d8721014a4b725904caefafb0b0648d_JaffaCakes118.doc
Resource: win10v2004-20240226-en
Malware Config
Extracted
Targets
Target: 4d8721014a4b725904caefafb0b0648d_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory