General
-
Target
7cbc1462f5637a32c4190e3e77fafcc9_JaffaCakes118
-
Size
61KB
-
Sample
240528-m61tbshf45
-
MD5
7cbc1462f5637a32c4190e3e77fafcc9
-
SHA1
398c0fa69c41414f947cccfdfa79622a1f84339f
-
SHA256
8a4e041bb4f82295c9206e68918f7c0e4278a8cdb2b6108e87a1869d6870a615
-
SHA512
c179dae1eb0cc32fdcbcec41e305935205e6ec88f7ba4b528b2874ec4267dcc2def17ae27d562fd524d37a7e7385e9bf523bb1439f3f6711547d94d2586fc52e
-
SSDEEP
1536:aO+eUd+OApUP2JCZpMfANCGImXMOtOeJpyeewe6OB3:xbADdMYujOtOeJpyee33
Behavioral task
behavioral1
Sample
sample.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
sample.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
Targets
-
-
Target
sample
-
Size
152KB
-
MD5
2e4cf5654fa9412b4db2b6d281a19a13
-
SHA1
99c9c0828e5bcb035734e3ac21a8da649a5b5f77
-
SHA256
9f39d3f8edf0e13fb2226e79b569714a44fe33fcb890f0ed2117bd5522757de2
-
SHA512
8923ff1cab7bc08edd38ee188dc29aae0fb9b37f1d841324b6ed35b2e65cb7add7fd4602fe9240548d19e6e2fdfbb1473e9793ce84f54bc9bd27c9cb2034dcf7
-
SSDEEP
1536:VCOIDQhDHR4OIDQhDHRdrdi1Ir77zOH98Wj2gpngB+a9q7Qb4HrO4u5Hg:VzrfrzOH98ipgO7I4HrO4u5Hg
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-