General
Target: 7cbc035a36c551b5fe9e64b6cfc1bc98_JaffaCakes118
Size: 159KB
Sample: 240528-m6zahage31
MD5: 7cbc035a36c551b5fe9e64b6cfc1bc98
SHA1: 8c090f4ca9e968f478a97072cfc57e77a94702e4
SHA256: f70ea918a341bcfde45c7e4d28f4c98daf8db0826b0682f29a94d695991e0016
SHA512: cf4de7c4bb5f62043c3779d497e9a54f5c5a1f27ea35abd543ff296187ded2d31e65a5a4b8cb9646a136976533ff81a7c96708588c7de7901d8c1d2f57b5c412
SSDEEP: 1536:kcLzncLzMrdi1Ir77zOH98Wj2gpngx+a9pLln2/5M+:9rfrzOH98ipg1L05M+
Behavioral task: behavioral1
Sample: 7cbc035a36c551b5fe9e64b6cfc1bc98_JaffaCakes118.doc
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 7cbc035a36c551b5fe9e64b6cfc1bc98_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
Targets
Target: 7cbc035a36c551b5fe9e64b6cfc1bc98_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory