Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
8d6af41ee21d0d24be9a8c0443464f3f_JaffaCakes118
-
Size
129KB
-
Sample
240812-fn3fwa1bqc
-
MD5
8d6af41ee21d0d24be9a8c0443464f3f
-
SHA1
2ac4cb1b47a63c03afe242137c03bc460810f726
-
SHA256
5c00430991a28daff019acc9d8c4abdabf88b60aaf49d31d34bf6836dea48caf
-
SHA512
40083a31339e757c919ed337ce84e403b2b778c4926c2784907618724bcff568fdc3da83cad510b2c0fb61bd54d948784fab38542682cc0807d38adb989285bb
-
SSDEEP
3072:Sk3hOdsylKlgxopeiBNhZFGzE+cL2kdAxc6YehWfGdtUHKGDbpmsii/+u6ssC06+:Sk3hOdsylKlgxopeiBNhZF+E+W2kdAxX
Behavioral task
behavioral1
Sample
8d6af41ee21d0d24be9a8c0443464f3f_JaffaCakes118.xls
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
8d6af41ee21d0d24be9a8c0443464f3f_JaffaCakes118.xls
Resource
win10v2004-20240802-en
Malware Config
Extracted
http://190.14.37.165/45516.2097292824.dat
http://5.196.247.11/45516.2097292824.dat
http://188.119.113.3/45516.2097292824.dat
Extracted
http://190.14.37.165/45516.2097611111.dat
http://5.196.247.11/45516.2097611111.dat
http://188.119.113.3/45516.2097611111.dat
Targets
-
-
Target
8d6af41ee21d0d24be9a8c0443464f3f_JaffaCakes118
-
Size
129KB
-
MD5
8d6af41ee21d0d24be9a8c0443464f3f
-
SHA1
2ac4cb1b47a63c03afe242137c03bc460810f726
-
SHA256
5c00430991a28daff019acc9d8c4abdabf88b60aaf49d31d34bf6836dea48caf
-
SHA512
40083a31339e757c919ed337ce84e403b2b778c4926c2784907618724bcff568fdc3da83cad510b2c0fb61bd54d948784fab38542682cc0807d38adb989285bb
-
SSDEEP
3072:Sk3hOdsylKlgxopeiBNhZFGzE+cL2kdAxc6YehWfGdtUHKGDbpmsii/+u6ssC06+:Sk3hOdsylKlgxopeiBNhZF+E+W2kdAxX
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-