General
Target: 844fb7bc81bfc7002245a6a66ae8a47e_JaffaCakes118
Size: 163KB
Sample: 240530-qqegyaab4v
MD5: 844fb7bc81bfc7002245a6a66ae8a47e
SHA1: 97e84d126cf307685a299ba7bac241d678a60406
SHA256: 999123e765753a8a7e01000077c615e01d9148be201c80c191843233e50ff54e
SHA512: 7b4ae0126630c78113d03b8a19a7f35232cf5a2f317b4d958b074978d43551f89b2dad6246cc272c61bbe3b4229e9c96e9788d1ee0686df0d5528e5ad43b0575
SSDEEP: 1536:T5a/aNrdi1Ir77zOH98Wj2gpngR+a9a5ZVDEuEfBzoI9GQ:T/rfrzOH98ipguO5JzoYGQ
Behavioral task: behavioral1
Sample: 844fb7bc81bfc7002245a6a66ae8a47e_JaffaCakes118.doc
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 844fb7bc81bfc7002245a6a66ae8a47e_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
Targets
Target: 844fb7bc81bfc7002245a6a66ae8a47e_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory