Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
99182162ec6fa6c4752150d37e3f8a7b_JaffaCakes118.doc
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
99182162ec6fa6c4752150d37e3f8a7b_JaffaCakes118.doc
Resource
win10v2004-20240802-en
General
-
Target
99182162ec6fa6c4752150d37e3f8a7b_JaffaCakes118
-
Size
242KB
-
MD5
99182162ec6fa6c4752150d37e3f8a7b
-
SHA1
34443a18c9ed12b81f2d83c410d9b20135194c6e
-
SHA256
dc200eaa002ca7c77b6a41874ed1905ab31095adab67e438dc0ba94810d9852d
-
SHA512
c66823a06666c55b609b2e5a54b6b91d429084e10dc50f10a777c94f2cc9f84b71e085d7fe36fa16cbd654534c11a8c51bb6472be39f3b13d637d06c79119bcf
-
SSDEEP
1536:Eterikw0HJzwlIiuq73/IKBPdbs0gj5HrTPjyaK/dRYt2tXOrBY81t7jReq5Lqc3:EOw0pklIiuq73/IKBds72dSOKb78WLOG
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule sample office_macro_on_action -
resource sample
Files
-
99182162ec6fa6c4752150d37e3f8a7b_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5