General
Target: 778e36d4666cb974072baed674317ab2_JaffaCakes118
Size: 77KB
Sample: 240527-ch39facd9s
MD5: 778e36d4666cb974072baed674317ab2
SHA1: 02a82a2f3e193884c9f2a530ca6b777102939e98
SHA256: b310420513b142dbff7001fb48a391591d97ffc1ed7564805c978fe60a971c51
SHA512: 089d9a5988459062a736e14446d536f46385437da2faffe00e651cfdcaae6b1579b1fcac25b1ffa1040adf955e0bc182e353e746cb4e773c80ba8355b32eda1b
SSDEEP: 1536:3nptJlmrJpmxlRw99NBq+axRc6MT4I6Dhl93tCX:Zte2dw99fHn8
Behavioral task: behavioral1
Sample: 778e36d4666cb974072baed674317ab2_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 778e36d4666cb974072baed674317ab2_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
http://tresillosmunoz.com/2HB
http://tonyleme.com.br/8l3XcSKQ
http://sg2i.com/wwG
http://lunacine.com/CQ
http://www.yuanjhua.com/OwUzt
Targets
Target: 778e36d4666cb974072baed674317ab2_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
An obfuscated cmd.exe command-line is typically used to evade detection.