Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
aed66aad3586a27f08fbc479fdeccc94_JaffaCakes118
-
Size
218KB
-
Sample
240615-rqb79atdka
-
MD5
aed66aad3586a27f08fbc479fdeccc94
-
SHA1
1aa8cd8065bcee35a75453d6afaabff6768466cf
-
SHA256
bc4b778fbb93e353944a23ec652f31f6f0dd58e0354b512c2ef4712fb5f3bd4b
-
SHA512
491427d2a61e8ee9e1be23b980bfc1202a03de8145ff90116039f9c160900963a38591fa26db7ff493b9b0a0299083a6dab5576c8ff1ff8bde69b30c93380f5c
-
SSDEEP
3072:vYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////8:x0uXnWFchmmcI/o1/X+pDw3n
Malware Config
Extracted
http://somosdrucken.com/upload/GGQL96W/
http://www.vedigitize.com/wp-includes/l9K6YJ/
http://www.sosyalben.org/hpKTnb/
http://www.sutomoresmestaj.net/menu/E/
http://www.traveltoharamain.com/cgi-bin/b/
http://www.thinkdesign4u.com/css/Rtc1/
https://www.mwk-bionik.de/fileadmin/vOJ/
Targets
-
-
Target
aed66aad3586a27f08fbc479fdeccc94_JaffaCakes118
-
Size
218KB
-
MD5
aed66aad3586a27f08fbc479fdeccc94
-
SHA1
1aa8cd8065bcee35a75453d6afaabff6768466cf
-
SHA256
bc4b778fbb93e353944a23ec652f31f6f0dd58e0354b512c2ef4712fb5f3bd4b
-
SHA512
491427d2a61e8ee9e1be23b980bfc1202a03de8145ff90116039f9c160900963a38591fa26db7ff493b9b0a0299083a6dab5576c8ff1ff8bde69b30c93380f5c
-
SSDEEP
3072:vYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////8:x0uXnWFchmmcI/o1/X+pDw3n
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-