General
Target: 8276b8d012af8de62e9fb51a491c92d1_JaffaCakes118
Size: 154KB
Sample: 240530-ag9nqagb84
MD5: 8276b8d012af8de62e9fb51a491c92d1
SHA1: 478ebc666f5cdbbd5020c8dc46ea06c32cf24b6b
SHA256: b75def84d6907e45b5d49294b334f5691628413ba5ddb2c9e22e6d3e56992f63
SHA512: 069e0fb89f9a98b0afc5ec43eb896e8248a0a040d82f20661c15f703f6111ff3a8eb85326a3e91f1373c694928068a8a57180fce73b19b0833ba6142930f888c
SSDEEP: 1536:CJ0ZsWTJ0ZsWirdi1Ir77zOH98Wj2gpngR+a9xQ54LW06u:5rfrzOH98ipgt+qD6u
Behavioral task: behavioral1
Sample: 8276b8d012af8de62e9fb51a491c92d1_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 8276b8d012af8de62e9fb51a491c92d1_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
Targets
Target: 8276b8d012af8de62e9fb51a491c92d1_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory