General
Target: 9eb53a1184d32b28b60e70f8a1ae014c_JaffaCakes118
Size: 189KB
Sample: 240611-s98w1asdkh
MD5: 9eb53a1184d32b28b60e70f8a1ae014c
SHA1: b5dee667db6ef767f80dbd29e34f94f32d80a618
SHA256: 3363296e9722855be2f507d21bb80db729d4452c72d517969689ed5592447652
SHA512: 20fa48218d461bcaefa5cdcaf19129a7f58244d3e4fe6083ffb84cf2de7ed23f5383d86f0fad0ca6a8e1a06507e6d2685c4d04011183104691a39752c2877c70
SSDEEP: 1536:5GGGGGGGGGG2xJLEt+LaaGGGGGGGGGGjLo9xilWfm9ITmDST/Ephs7p8cEpY/d8O:M8rfrzOH98ipgBLT3R
Behavioral task: behavioral1
Sample: 9eb53a1184d32b28b60e70f8a1ae014c_JaffaCakes118.doc
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 9eb53a1184d32b28b60e70f8a1ae014c_JaffaCakes118.doc
Resource: win10v2004-20240426-en
Malware Config
Extracted
Targets
Target: 9eb53a1184d32b28b60e70f8a1ae014c_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory