General
Target: 7f3b775ee8cec83bdfe8e0747ba969b1_JaffaCakes118
Size: 163KB
Sample: 240529-c3gwyaga59
MD5: 7f3b775ee8cec83bdfe8e0747ba969b1
SHA1: 2fa3261dab59770006e6dfb8a19bb0a07cbb1e4b
SHA256: f1015f29157f28368210d1dd62f775bb1bab85fa3986d32868d994cd677eae60
SHA512: 95805f4e9142beb89f39c388442cfe1fe9834df4eeb7d88d8cc8aa0c6dcb4cef0d04d70fba4b347afd228f4e64df4c18371c841847d00bb8e93764f9efae9915
SSDEEP: 1536:VAhXAhordi1Ir77zOH98Wj2gpngN+a9Lay9y0J6f264NUs:mrfrzOH98ipgpPJ6fQUs
Behavioral task: behavioral1
Sample: 7f3b775ee8cec83bdfe8e0747ba969b1_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 7f3b775ee8cec83bdfe8e0747ba969b1_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
Targets
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory