General
Target: 7d6206288b25aab110c64702ba2a50a8_JaffaCakes118
Size: 252KB
Sample: 240528-sdgsmsag58
MD5: 7d6206288b25aab110c64702ba2a50a8
SHA1: a144c6334c80302425c731e578e86c0bdde0b7aa
SHA256: 330ee4f0efd63dbf210487a2063245aaadee2a0e9914d2defea50dc68abc3426
SHA512: 72d899d44e1806313328d86a4a2b5bf561aad74c8e4016161f68ffa5e337a1a35a2d0a230d559b437e58651775ca8792ac9af3f7087aa9ed23bbf18827c9fc17
SSDEEP: 3072:6Yy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////x:C0uXnWFchmmcI/o1/S2yMRe
Behavioral task: behavioral1
Sample: 7d6206288b25aab110c64702ba2a50a8_JaffaCakes118.doc
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 7d6206288b25aab110c64702ba2a50a8_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
Targets
Target: 7d6206288b25aab110c64702ba2a50a8_JaffaCakes118
Score: 10/10
Process spawned unexpected child process. This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory