General
Target: 5f1bbe19a2333cb402ac624a46014f28_JaffaCakes118
Size: 154KB
Sample: 240520-ptr2rsbg6s
MD5: 5f1bbe19a2333cb402ac624a46014f28
SHA1: 6bcd62ad194559166fbd621ff40d5069cc5b2d38
SHA256: e203577dadb325bd364b0a6609b5aa2b4df457ba261810b3e5416950dff54c8f
SHA512: 089efbe2850665db146361b3cf64f9701e93d01dd270f500e0a0206fbdffcd5b8a86cda85a3a08c9af70c66fad01245026237bcf7105f4ba9cbcca8356e7f64c
SSDEEP: 1536:cQYIQYjrdi1Ir77zOH98Wj2gpngB+a94+dRXalfAW66uud+BbN+rEw1:vrfrzOH98ipgXRE66uuoBsEw1
Behavioral task: behavioral1
Sample: 5f1bbe19a2333cb402ac624a46014f28_JaffaCakes118.doc
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 5f1bbe19a2333cb402ac624a46014f28_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
Targets
Target: 5f1bbe19a2333cb402ac624a46014f28_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory