Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9f4f0ff572b38581d00b1c369d9cd56c_JaffaCakes118
-
Size
177KB
-
Sample
240611-x77ndayekm
-
MD5
9f4f0ff572b38581d00b1c369d9cd56c
-
SHA1
6141cd20ba2bb473769a301c1ade5a56ce330844
-
SHA256
2bdb231a4e071c32f3734fa0ac5a13e5463ad6aea21e4a089fe1a1c69a56d372
-
SHA512
d0bd93ccdbf3d2367b37610e96e5003cce4d86ccf073a212415c137682a1b7376802d64a35bd44913817038c713565af6ca24a395f3485e38fb15f27c4da4346
-
SSDEEP
1536:GkPkfrdi1Ir77zOH98Wj2gpng9+a9AGnut1ExbYCYWOFBfM0jKCQ2g1:grfrzOH98ipg1uiX10+Cng1
Malware Config
Extracted
https://santyago.org/wp-content/0mcYS6/
http://dandyair.com/font-awesome/rOOAL/
https://www.tekadbatam.com/wp-content/AUiw/
http://kellymorganscience.com/wp-content/SCsWM/
https://tewoerd.eu/img/DALSKE/
http://mediainmedia.com/plugin_opencart2.3-master/Atye/
http://nuwagi.com/old/XLGjc/
Targets
-
-
Target
9f4f0ff572b38581d00b1c369d9cd56c_JaffaCakes118
-
Size
177KB
-
MD5
9f4f0ff572b38581d00b1c369d9cd56c
-
SHA1
6141cd20ba2bb473769a301c1ade5a56ce330844
-
SHA256
2bdb231a4e071c32f3734fa0ac5a13e5463ad6aea21e4a089fe1a1c69a56d372
-
SHA512
d0bd93ccdbf3d2367b37610e96e5003cce4d86ccf073a212415c137682a1b7376802d64a35bd44913817038c713565af6ca24a395f3485e38fb15f27c4da4346
-
SSDEEP
1536:GkPkfrdi1Ir77zOH98Wj2gpng9+a9AGnut1ExbYCYWOFBfM0jKCQ2g1:grfrzOH98ipg1uiX10+Cng1
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-