Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
7cd63ff32e8b18c9170d799399e087f5_JaffaCakes118
-
Size
158KB
-
Sample
240528-nw2hjshg8v
-
MD5
7cd63ff32e8b18c9170d799399e087f5
-
SHA1
0ee3d3fbc8ebb21a6ff95140d9ec91e51f5cf2b0
-
SHA256
8ddd94df2c8a4bc7158c11c1f70df46ba8e7d760b8888125a4f179fee83a0846
-
SHA512
cbb3ea1b594eb366466ff368d1b7f1703c7fe965e7b64d92b3d7401d86bce1a7fe5485cd590e6c840ac3030b96cf76a38f93a12f5aef223bcf02af7b956fe2e1
-
SSDEEP
1536:a0a0Grdi1Ir77zOH98Wj2gpngd+a9xg8fx5EvGtaRWfjPYKwA0suw+2lEsSp:WrfrzOH98ipgn+4Esu
Behavioral task
behavioral1
Sample
7cd63ff32e8b18c9170d799399e087f5_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
7cd63ff32e8b18c9170d799399e087f5_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
http://zcomunicacion.com/wp-admin/Z/
http://cooldoggraphics.com/wp-content/Pge/
http://canyonplastering.com/wp-content/ZWX/
https://stochile.com/sto/PKP/
http://voxdream.com/wp-includes/rd/
https://www.valetourvirtual.com/vapor/mp/
http://z.89fk.top/user/e/
Targets
-
-
Target
7cd63ff32e8b18c9170d799399e087f5_JaffaCakes118
-
Size
158KB
-
MD5
7cd63ff32e8b18c9170d799399e087f5
-
SHA1
0ee3d3fbc8ebb21a6ff95140d9ec91e51f5cf2b0
-
SHA256
8ddd94df2c8a4bc7158c11c1f70df46ba8e7d760b8888125a4f179fee83a0846
-
SHA512
cbb3ea1b594eb366466ff368d1b7f1703c7fe965e7b64d92b3d7401d86bce1a7fe5485cd590e6c840ac3030b96cf76a38f93a12f5aef223bcf02af7b956fe2e1
-
SSDEEP
1536:a0a0Grdi1Ir77zOH98Wj2gpngd+a9xg8fx5EvGtaRWfjPYKwA0suw+2lEsSp:WrfrzOH98ipgn+4Esu
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-