General
-
Target
7c6b9dd46ac501c967cab18020c7e73c_JaffaCakes118
-
Size
79KB
-
Sample
240528-k3cwzsde6y
-
MD5
7c6b9dd46ac501c967cab18020c7e73c
-
SHA1
aa9b26e825fccf8baf3be401ac874815e801d8a8
-
SHA256
2f65b46b0c9b40fb389c4cd9aa06799ea20f4540e33935f57e320e54ab2972a1
-
SHA512
07643ace8cc2d4ebd386b6596121f9586e735b5f2bc53a9db85aec3229402f7b75f734bd3108614edf60038867a6eda8e346d45f7b0a1f61b8143c5626128e9b
-
SSDEEP
1536:u0Yt9I9gWX/ZJVh2Q14DRQSwJu3qpcyUnGrJcoRACDq55y0QK7mbU/LJw1OB8JoJ:u0T1nVh2Q1QaJSqp1UnGrJfDquc1/LJ9
Behavioral task
behavioral1
Sample
2616278123-May_01_2019.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2616278123-May_01_2019.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://webaphobia.com/images/72Ca/
https://montalegrense.graficosassociados.com/keywords/FOYo/
http://purimaro.com/1/ww/
http://jpmtech.com/css/GOOvqd/
http://118.89.215.166/wp-includes/l5/
Targets
-
-
Target
2616278123-May_01_2019.doc
-
Size
141KB
-
MD5
812def2bf386d78cc0fc6ec53359abbd
-
SHA1
3217830b9cf2554343694ed8ef55693a5ec980b1
-
SHA256
852e62a35876c8ed552591964b889621a672b89c641a585f84f5b9f043f51f1e
-
SHA512
4e1276a53531ee98b383843c455784b618d3b67d8b4c6aa8b1b40246cb7a5db1a914e4ed3b1953fcdbe3a4b729e9e8a3b5574c25493ca4e40c72ed3479c38995
-
SSDEEP
3072:k77HUUUUUUUUUUUUUUUUUUUTkOQePu5U8qDnFbHjuTNVg6:k77HUUUUUUUUUUUUUUUUUUUT52VEFbHU
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-