Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
abbc6b68bd44d71ab99aa0ae8c028ef5_JaffaCakes118
-
Size
159KB
-
Sample
240614-198v1ascll
-
MD5
abbc6b68bd44d71ab99aa0ae8c028ef5
-
SHA1
7993336c1ab25eacaa1b689f0fc8233281ec9077
-
SHA256
53a69d30f1a076c6330a4738e22990f94090def9eb771e314d79c3c1a9234ca2
-
SHA512
82a90be29c9d5900ec5baef31bf4ba1ddd25c98520842db674ef547e06e8f587ef76fe5d76c9a6db1662a9a047e134d9fed8dd0afaa1e308af7be793f80b56bf
-
SSDEEP
1536:ERWfcRWfsrdi1Ir77zOH98Wj2gpngd+a9H6Fgx+re7:ErfrzOH98ipgf6FO+a7
Behavioral task
behavioral1
Sample
abbc6b68bd44d71ab99aa0ae8c028ef5_JaffaCakes118.doc
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
abbc6b68bd44d71ab99aa0ae8c028ef5_JaffaCakes118.doc
Resource
win10v2004-20240611-en
Malware Config
Extracted
http://citas.nubeweb24.com/wp-admin/bd0/
http://wallenkelley.xyz/wp-content/A1/
http://noraiport.nubeweb24.com/wp-admin/eh5/
https://citybasket.in/sitemap/quZ/
http://tingme.vn/wp-content/plugins/X/
https://fairplay.company/wp-includes/H/
https://casa.nubeweb24.com/wp-admin/hiR/
Targets
-
-
Target
abbc6b68bd44d71ab99aa0ae8c028ef5_JaffaCakes118
-
Size
159KB
-
MD5
abbc6b68bd44d71ab99aa0ae8c028ef5
-
SHA1
7993336c1ab25eacaa1b689f0fc8233281ec9077
-
SHA256
53a69d30f1a076c6330a4738e22990f94090def9eb771e314d79c3c1a9234ca2
-
SHA512
82a90be29c9d5900ec5baef31bf4ba1ddd25c98520842db674ef547e06e8f587ef76fe5d76c9a6db1662a9a047e134d9fed8dd0afaa1e308af7be793f80b56bf
-
SSDEEP
1536:ERWfcRWfsrdi1Ir77zOH98Wj2gpngd+a9H6Fgx+re7:ErfrzOH98ipgf6FO+a7
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-