General
Target: 7c71eaf7075fb4f2341c6e96f62bdcd6_JaffaCakes118
Size: 79KB
Sample: 240528-k7rkyadf9x
MD5: 7c71eaf7075fb4f2341c6e96f62bdcd6
SHA1: b0eea5f11255aa54de7b74222f8099332044cbd6
SHA256: 4a2173896009fd1430ee3eebb4ac1c05502aafe2f33b4950ccc459d94f17ad96
SHA512: 15ec8178c8848de4fddcc35169510dbe554247c4ad209ed22275035fc4cd3d394c9ed93d0eff62cee29f4b67e70bcc2582f98385356d59d0c036cf9d9275d79d
SSDEEP: 768:qZPoNtwCGc3IUpKqSazfmfgxk/ug7cjo:yo3PWqhzxkHn
Behavioral task: behavioral1
Sample: 7c71eaf7075fb4f2341c6e96f62bdcd6_JaffaCakes118.pps
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 7c71eaf7075fb4f2341c6e96f62bdcd6_JaffaCakes118.pps
Resource: win10v2004-20240426-en
Malware Config
Extracted
https://%909123id%909123id%909123id%909123id%909123id%909123id%[email protected]/hjads6d78asdasdhajdzxcz
Targets
Target: 7c71eaf7075fb4f2341c6e96f62bdcd6_JaffaCakes118
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

Checks computer location settings
Looks up country code configured in the registry, likely geofence.