General
-
Target
6ae87dcf399fd436295324af614bfe7d_JaffaCakes118
-
Size
83KB
-
Sample
240523-pe82qsgh26
-
MD5
6ae87dcf399fd436295324af614bfe7d
-
SHA1
94961851f49f5b8972bf21eac49a2422265af154
-
SHA256
e5acae3216827c1b58921810d5440ee5453284b3ebb1637de2cce0f8d60f126f
-
SHA512
c0a32402c707238b6f733396bf47a3e492fa9aef56e7ab7bd2411d9b297a60813f2eca7dc4beae0ac2f942037e09da08031ec1134ddd8755a61cadf4c1aa7837
-
SSDEEP
1536:WptJlmrJpmxlRw99NBO+aKz6Qaqya5XJJue+xT:ate2dw99fWqb5zu
Behavioral task
behavioral1
Sample
6ae87dcf399fd436295324af614bfe7d_JaffaCakes118.doc
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
6ae87dcf399fd436295324af614bfe7d_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
Targets
-
-
Target
6ae87dcf399fd436295324af614bfe7d_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-