General
-
Target
7cd6f406ad6dde09d3697bd9dbb32cbc_JaffaCakes118
-
Size
214KB
-
Sample
240528-nxp6xahh7s
-
MD5
7cd6f406ad6dde09d3697bd9dbb32cbc
-
SHA1
23292ee3473a527c1eedb6032efd7ab33a69ff93
-
SHA256
3f0d53be0681ca0b025e12e57da569607681b4b3f06849aa66b7ca1d4b1f47a0
-
SHA512
11d59452d0d09787d844597bfd0aaca52678f24fb5ad9f6f85dd354323344436c350696c8c216438fb6da9f15a91b68915a5e286ebc3e3e7a28601da4c2ce516
-
SSDEEP
1536:2B445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ55+a9GkLShGkVAelnX6:222TWTogk079THcpOu5UZVWhGMlnSL
Behavioral task
behavioral1
Sample
7cd6f406ad6dde09d3697bd9dbb32cbc_JaffaCakes118.doc
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
7cd6f406ad6dde09d3697bd9dbb32cbc_JaffaCakes118.doc
Resource
win10v2004-20240426-en
Malware Config
Extracted
Targets
-
-
Target
7cd6f406ad6dde09d3697bd9dbb32cbc_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-