General

  • Target: 0346a794abb0ecb9b341e897dedd512e_JaffaCakes118
  • Size: 152KB
  • Sample: 240728-agrsxawern
  • MD5: 0346a794abb0ecb9b341e897dedd512e
  • SHA1: 5a6a5a6a1c468c72a1d808da36cb85b285f3a400
  • SHA256: 46a1658156d6a9d582e000f749a33e6d73db3ef7c27615961a83681da895e939
  • SHA512: 967ccb26530d689666a5c0ddd4c5c65d0491b281dca5025bd5e2e58ef0f73cc8e744eae253096fc451e2ceb7ac029fb45c5504c11aff4fd183229000557e3ab7
  • SSDEEP: 1536:oSGB445TEgrO3jSWAg83tle1ZZ0293QM0eetR2cOupLB5UZ5p+a9vPKv9knJbGrr:oz22TWTogk079THcpOu5UZx5UoOfqxE
  • Score: 10/10

Malware Config (extracted)

  • Language: ps1
  • Source: URLs

Targets

    • Target: 0346a794abb0ecb9b341e897dedd512e_JaffaCakes118
    • Score: 10/10
    • Process spawned unexpected child process
      This typically indicates the parent process was compromised via an exploit or macro.
    • Blocklisted process makes network request
    • Drops file in System32 directory
