Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
7c79dec80eab0c95c78ab3b2ccef3288_JaffaCakes118
-
Size
162KB
-
Sample
240528-levbssea51
-
MD5
7c79dec80eab0c95c78ab3b2ccef3288
-
SHA1
488b1456fd6b26623e454a4e8d30b456634d8208
-
SHA256
81983dc7aafe553288da4cba600941f7d593f8956e9e828fe4d98b19d76627be
-
SHA512
c6092c6f48b8ad2e2aeb005be442a9c99caba0a43091e74d6459c9eb26fa78e1bad07e7afda9d9ee21e6c675cbc0ce8531dbac03774c17b68274ea2b2d16c880
-
SSDEEP
1536:8Ij9atFqpRIj9atFqpvrdi1Ir77zOH98Wj2gpngB+a9zJU3N7NSP9um:2rfrzOH98ipgxm7NSVZ
Behavioral task
behavioral1
Sample
7c79dec80eab0c95c78ab3b2ccef3288_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
7c79dec80eab0c95c78ab3b2ccef3288_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
https://templatejson.com/awrrn/Kw10uo/
https://hosting.mybestheme.com/aikjj0q/8/
https://tastes2plate.com/wp-content/uploads/6/
http://madeirawildlife.com/wp-admin/zuWZW/
http://senyumdesa.org/wp-admin/aC4/
https://ibuyoldwebsites.com/modules/QVtEr7/
http://blog.zunapro.com/wp-admin/js/widgets/EH4agl/
Targets
-
-
Target
7c79dec80eab0c95c78ab3b2ccef3288_JaffaCakes118
-
Size
162KB
-
MD5
7c79dec80eab0c95c78ab3b2ccef3288
-
SHA1
488b1456fd6b26623e454a4e8d30b456634d8208
-
SHA256
81983dc7aafe553288da4cba600941f7d593f8956e9e828fe4d98b19d76627be
-
SHA512
c6092c6f48b8ad2e2aeb005be442a9c99caba0a43091e74d6459c9eb26fa78e1bad07e7afda9d9ee21e6c675cbc0ce8531dbac03774c17b68274ea2b2d16c880
-
SSDEEP
1536:8Ij9atFqpRIj9atFqpvrdi1Ir77zOH98Wj2gpngB+a9zJU3N7NSP9um:2rfrzOH98ipgxm7NSVZ
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-