General
Target: 89c008a6668cfced5c53f05f3e74b24e_JaffaCakes118
Size: 214KB
Sample: 240601-ja25qsdh7z
MD5: 89c008a6668cfced5c53f05f3e74b24e
SHA1: dd74ab9468c242b2e380a2a94d3990df84adba93
SHA256: 7c8c775210220e5ceee72c0c7459877dbcb72068aa6011fa6a29f5e3fda1b5f8
SHA512: fc87efa893d36b7285513840dd5a30988f0478078975f3bd38405d1f47b4ca8d1d8c2c8c1ceafbfe225f9998fdc38663c30ff607a475887e13f3118f72d764a1
SSDEEP: 3072:EEd93LpGo0aQLjaxQCF3tmKZQHkrL2VerQfcRoC:EEd2V6xQCpttQwLZQfI
Behavioral task: behavioral1
Sample: 89c008a6668cfced5c53f05f3e74b24e_JaffaCakes118.doc
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 89c008a6668cfced5c53f05f3e74b24e_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
http://uat-essence.oablab.com/cEP88qz
http://34.207.179.222/GPc2ykD
http://204.236.197.55/ZmkN6EP
http://107.23.200.84/EmllsJND2W
http://radioviverbem.com.br/SZYTAZDa
Targets
Target: 89c008a6668cfced5c53f05f3e74b24e_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
    This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory