Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

8

8d53569ccb...18.doc

windows7-x64

10

8d53569ccb...18.doc

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8d53569ccbbc71c205c317c61843c045_JaffaCakes118

  • Size

    137KB

  • Sample

    240602-jfxgfafg28

  • MD5

    8d53569ccbbc71c205c317c61843c045

  • SHA1

    4a93a2bd46c95aa231f9207f7cf1a29028da68d8

  • SHA256

    f763d74e2db1ee98b4265c698c0c821c147bc9ab583b361338482e62ce291dd7

  • SHA512

    3f5b32ffce094a1d57f7a2c313d2177c1dcd743fc82cc2881b900e83444594a68541c237d46596bee3a2ad93eb0a2232ba02fbd0e1f70aee9cd705c5d5c5f99a

  • SSDEEP

    3072:A8GhDS0o9zTGOZD6EbzCd3WiWCAWcWvfxa:eoUOZDlbe3WiWCAWcWvfxa

Score
10/10
macromacro_on_action

Malware Config

Extracted

Language
ps1
Source
URLs
exe.dropper

http://levifca.com/y0tYhnWQ
exe.dropper

http://mfpvision.com/yAkPNiSmm6
exe.dropper

http://haganelectronics.rubickdesigns.com/C96xSAAy2q
exe.dropper

http://catairdrones.com/sMQ0n8nNun
exe.dropper

http://radio312.com/mp0NHN4cHX

Targets

    • Target

      8d53569ccbbc71c205c317c61843c045_JaffaCakes118

    • Size

      137KB

    • MD5

      8d53569ccbbc71c205c317c61843c045

    • SHA1

      4a93a2bd46c95aa231f9207f7cf1a29028da68d8

    • SHA256

      f763d74e2db1ee98b4265c698c0c821c147bc9ab583b361338482e62ce291dd7

    • SHA512

      3f5b32ffce094a1d57f7a2c313d2177c1dcd743fc82cc2881b900e83444594a68541c237d46596bee3a2ad93eb0a2232ba02fbd0e1f70aee9cd705c5d5c5f99a

    • SSDEEP

      3072:A8GhDS0o9zTGOZD6EbzCd3WiWCAWcWvfxa:eoUOZDlbe3WiWCAWcWvfxa

    Score
    10/10

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks