General
Target: 7cd365e9fc1e63d44953c7854cbc92a9_JaffaCakes118
Size: 156KB
Sample: 240528-nts4dsae62
MD5: 7cd365e9fc1e63d44953c7854cbc92a9
SHA1: 0008fee0ace32bee0e173793204ad80b6d1fd839
SHA256: d1e10391df7fab080987c6384491a27d50f470c9b1a602417f322c06a79a5954
SHA512: 2fc7e1c274484044431363f45a102f63134e6b9d755102e11d342c7901e0f4cd69cfb961400bd3d1bacda547687e55215b0214ae4392bc362fe15fe2a7c4a500
SSDEEP: 1536:IA3Aerdi1Ir77zOH98Wj2gpngB+a9A2eRz/CnQ:prfrzOH98ipgkV6nQ
Behavioral task: behavioral1
Sample: 7cd365e9fc1e63d44953c7854cbc92a9_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 7cd365e9fc1e63d44953c7854cbc92a9_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
Targets
Target
7cd365e9fc1e63d44953c7854cbc92a9_JaffaCakes118
Score: 10/10
Process spawned unexpected child process: This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory