Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
7d44686ad010e6c6a56a9c1762667b7d_JaffaCakes118
-
Size
596KB
-
Sample
240528-rmh7dshh36
-
MD5
7d44686ad010e6c6a56a9c1762667b7d
-
SHA1
defcebe402ac31697d3c210f8396fc10b7556cf4
-
SHA256
81e82ca86ebdac978dffeb26fbea7c54ce708b0346f465316234145f23d75372
-
SHA512
573f7b05cb08e403ef52a3da5bfa6058f342b5f1bea750df3e3e65a8e271bfeb54520d6a7259fe953d3a40591e142bde69360721c77ec4eb2488f3779d22ea9a
-
SSDEEP
12288:ZLW+FnvexqD0SoENuJUDcrnGMOAiKe6EbMVLD:ZC+Fn2QDpuJUDcCMOAiEEsD
Behavioral task
behavioral1
Sample
7d44686ad010e6c6a56a9c1762667b7d_JaffaCakes118.xlsm
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
7d44686ad010e6c6a56a9c1762667b7d_JaffaCakes118.xlsm
Resource
win10v2004-20240426-en
Malware Config
Extracted
https://mcma1.com/greatness.exe
Targets
-
-
Target
7d44686ad010e6c6a56a9c1762667b7d_JaffaCakes118
-
Size
596KB
-
MD5
7d44686ad010e6c6a56a9c1762667b7d
-
SHA1
defcebe402ac31697d3c210f8396fc10b7556cf4
-
SHA256
81e82ca86ebdac978dffeb26fbea7c54ce708b0346f465316234145f23d75372
-
SHA512
573f7b05cb08e403ef52a3da5bfa6058f342b5f1bea750df3e3e65a8e271bfeb54520d6a7259fe953d3a40591e142bde69360721c77ec4eb2488f3779d22ea9a
-
SSDEEP
12288:ZLW+FnvexqD0SoENuJUDcrnGMOAiKe6EbMVLD:ZC+Fn2QDpuJUDcCMOAiEEsD
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-