General
-
Target
8d1c3a8567d4783dd0eeda20eab00b5b_JaffaCakes118
-
Size
69KB
-
Sample
240602-grwyyadg25
-
MD5
8d1c3a8567d4783dd0eeda20eab00b5b
-
SHA1
9c993205778a28a8e71a0315c7c32ac46a36a405
-
SHA256
158bd5360e8a314ea7eb641808de86cde3e55bae9829d5c8f2a7e7e44b791b81
-
SHA512
05421d307d863a950715ea10ae40662d06d6d968b1c2f19c0a31a8d019f8e72a5c47e20750fbf53cf27c767febcc2df9bda024dc08fa146ddaaf9bb66eb5717a
-
SSDEEP
768:QpJcaUitGAlmrJpmxlzC+w99NB7+1oALIH5E+4Iwsp/6Z1DpXC:QptJlmrJpmxlRw99NB7+aA9+3wspyzV
Behavioral task
behavioral1
Sample
8d1c3a8567d4783dd0eeda20eab00b5b_JaffaCakes118.doc
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
8d1c3a8567d4783dd0eeda20eab00b5b_JaffaCakes118.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
http://bioners.com/X8nV8i
http://otiaki.com/33EKwRe
http://bc-cdc.org/x
http://marienthal.info/gIAl3AM
http://jingtianyanglao.com/iaM5oV8
Targets
-
-
Target
8d1c3a8567d4783dd0eeda20eab00b5b_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-