Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
afb1ca520109862e9f4dfa0c580cf7cc_JaffaCakes118
-
Size
242KB
-
Sample
240615-wmtqcatcpq
-
MD5
afb1ca520109862e9f4dfa0c580cf7cc
-
SHA1
c77d1820b106e3829db299aeedebac8d5d8bca5d
-
SHA256
d13b82cb72b636213f7c77bfcea345f6cab24b0a14dcfb4cfdf54c8075ccb0de
-
SHA512
41223903c382a0fd30c6c5ecec619b61b94eafb975fd166cd0a8b5d3c53a6e689bcf06dcf3acec948ad5bbfad2f1ae76420a25bfcb26d9639e5d5a91d3dee443
-
SSDEEP
3072:XYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////m:Z0uXnWFchmmcI/o1/1L7
Malware Config
Extracted
http://localesfavoritos.com/wp-admin/c/
http://generalstorebd.com/wp-admin/pvI/
https://agrotradespecialist.com/re/xq/
http://laladiwanchandmodernwrestlingandyogacentre.com/wp-content/kg/
http://zzuzhi.xuezha.vip/themes/P/
http://octopusconsults.com/wp-content/En7/
https://minilillie.com/8npku7/b/
Targets
-
-
Target
afb1ca520109862e9f4dfa0c580cf7cc_JaffaCakes118
-
Size
242KB
-
MD5
afb1ca520109862e9f4dfa0c580cf7cc
-
SHA1
c77d1820b106e3829db299aeedebac8d5d8bca5d
-
SHA256
d13b82cb72b636213f7c77bfcea345f6cab24b0a14dcfb4cfdf54c8075ccb0de
-
SHA512
41223903c382a0fd30c6c5ecec619b61b94eafb975fd166cd0a8b5d3c53a6e689bcf06dcf3acec948ad5bbfad2f1ae76420a25bfcb26d9639e5d5a91d3dee443
-
SSDEEP
3072:XYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////m:Z0uXnWFchmmcI/o1/1L7
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-