General
Target: 7c3b5ec5c5e75a2dc9c86c6917e7e813_JaffaCakes118
Size: 189KB
Sample: 240528-jqlgxscf96
MD5: 7c3b5ec5c5e75a2dc9c86c6917e7e813
SHA1: 92b29db13a3d43ba1c727970d1da4de02ef08570
SHA256: 3bd8620bf36ba8d7e4bfa1477aa62faf1a980ca50783b571fbd71b9e00d36a52
SHA512: cb4a131bf177b258f16921f4ee0e69f3954539ceec8253ae48b137767db6d70596fbdef49a8c65d709b92a2aa824ea320ba1ef22be4a9a37007a64a581f9ea07
SSDEEP: 3072:uvHv22TWTogk079THcpOu5UZmNu81zUz4LKpr:E/TX07hHcJQauezUELGr
Behavioral task: behavioral1
Sample: 7c3b5ec5c5e75a2dc9c86c6917e7e813_JaffaCakes118.doc
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 7c3b5ec5c5e75a2dc9c86c6917e7e813_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
Targets
Target: 7c3b5ec5c5e75a2dc9c86c6917e7e813_JaffaCakes118
Score: 10/10
Process spawned unexpected child process: This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory