General
Target: 7d35c1380183a81281ce722d0b5bb22f_JaffaCakes118
Size: 243KB
Sample: 240528-q9wwbsgb8y
MD5: 7d35c1380183a81281ce722d0b5bb22f
SHA1: 35d47990c49015646f9be371f70deb3f79901b9e
SHA256: afbed587663a091e9d854414f1b31bb9153040f7bf5c1684b483e23027a341f4
SHA512: 5078ee767f9173f981499f2927e662288713c98eb90d124238673345b4a6fd396477201aee4ac35a94be74fe7bb04c49e604d20aefdd21e2b8a13aff20d06cde
SSDEEP: 3072:XYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////D:Z0uXnWFchmmcI/o1/ijj
Behavioral task: behavioral1
Sample: 7d35c1380183a81281ce722d0b5bb22f_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 7d35c1380183a81281ce722d0b5bb22f_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
Targets
Target: 7d35c1380183a81281ce722d0b5bb22f_JaffaCakes118
Score: 10/10
- Process spawned unexpected child process: This typically indicates the parent process was compromised via an exploit or macro.
- Blocklisted process makes network request
- Drops file in System32 directory