General
Target: 7c29def6f04b4cecf5a030c052ab31ee_JaffaCakes118
Size: 229KB
Sample: 240528-h77aaaag9x
MD5: 7c29def6f04b4cecf5a030c052ab31ee
SHA1: 90c030b29c152ee83607efd9d0f02ced4ca30a41
SHA256: 54df62d76577ab1dcc9c7245f1bcae17e8b7e93da9016cc284a16001fed3e106
SHA512: d4dd76abd48007e314370f7b901b512a5a9c2eb35a61afffdca2eb0ba42eae25f4387bc056942918f14b9ca21b889a93633998699a52b1ccf95792eb986740bf
SSDEEP: 3072:yj6yw1MgpQiBhGWb6esLbTh8YuyDRBFtdfGkw0HzJw9ffRe:yHgtEWPsL/aTyT9Gkw8zJw9ffRe
Behavioral task: behavioral1
Sample: 7c29def6f04b4cecf5a030c052ab31ee_JaffaCakes118.doc
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 7c29def6f04b4cecf5a030c052ab31ee_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
http://arsan.com.br/img_b2w/jstgflap98/
http://koester-pb.de/cgi-bin/HoDIPqV/
http://aragonmetal.com/_installation/LPMGMZroO/
https://www.witdigi.com/wp-content/uploads/iBeE/
http://yellowstonefitness.com/j5es7cx/QgLkys4ga64g228/
Targets
Target: 7c29def6f04b4cecf5a030c052ab31ee_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
    This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory