General
Target: 9ca84c781d6722c02a250ce9258cb650_JaffaCakes118
Size: 189KB
Sample: 240611-cezf3s1ajq
MD5: 9ca84c781d6722c02a250ce9258cb650
SHA1: 48c5c893a427b99e4b352e4668aa589829ed905c
SHA256: 6351168d14cfa0372803482062882590c98d717dc4f4eb2541fe3a154e8dc40f
SHA512: 7a08ba4709b95f5614d2b431327f2b1bf31fdf2f2f3f22f5926ea15657586483b880ca4cddfff039c492d76fd994b3322c989e1eda92f15ba056ae42c4f04817
SSDEEP: 3072:uvHv22TWTogk079THcpOu5UZNNu81zUz4LKvJ:E/TX07hHcJQXuezUEL4J
Behavioral task: behavioral1
Sample: 9ca84c781d6722c02a250ce9258cb650_JaffaCakes118.doc
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 9ca84c781d6722c02a250ce9258cb650_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
Targets
Target: 9ca84c781d6722c02a250ce9258cb650_JaffaCakes118
Score: 10/10
Process spawned unexpected child process. This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory