General
Target
7d2659bbdc6495785712d8c24a076166_JaffaCakes118
Size
209KB
Sample
240528-qxkmjagg32
MD5
7d2659bbdc6495785712d8c24a076166
SHA1
c0552b06c0830efb80903b4e5ba2f6bf2a1253c5
SHA256
f6809265a7460ab3d0e927c5fb9399a263172140778b4cc34f6698d9521b3b43
SHA512
b580ba553a10adf20fa28a091ffd5337c363114db45d7a8b2bc45d4476e20af35d4f5bd72fb9c8c6afbadf6b9f18cf4e345ab41887dcd2508f5b4065878322b7
SSDEEP
3072:0P22TWTogk079THcpOu5UZhN5kmcB/YNY5g8:E/TX07hHcJQbe02x
Behavioral task
behavioral1
Sample
7d2659bbdc6495785712d8c24a076166_JaffaCakes118.doc
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
7d2659bbdc6495785712d8c24a076166_JaffaCakes118.doc
Resource
win10v2004-20240226-en
Malware Config
Extracted
Targets
Target
7d2659bbdc6495785712d8c24a076166_JaffaCakes118
Score
10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory