Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
9a04baba69f0d82fad499232f0d15a6a_JaffaCakes118.doc
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
9a04baba69f0d82fad499232f0d15a6a_JaffaCakes118.doc
Resource
win10v2004-20240802-en
General
-
Target
9a04baba69f0d82fad499232f0d15a6a_JaffaCakes118
-
Size
242KB
-
MD5
9a04baba69f0d82fad499232f0d15a6a
-
SHA1
bfb701eba30b1491f3605f36f0eb0ba03223557d
-
SHA256
ed8657615571c88fdd8706bf2f5ca13368a7bcbca7c9ae6e9b052ff901ba97b9
-
SHA512
8ec67f6652ef91d2fb502b80907d778f7b950ef36c5c9985aa8f19f6ab359e157bd682ea1647d742c66b8666ab9d694ca83a5ad91a3c76f883d326c20c0e5211
-
SSDEEP
3072:bOw0pklIiuq73/IKBdsO8dSWhd4Jl9mhY:bO5pklIo73wAqUW34Jl9mhY
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule sample office_macro_on_action -
resource sample
Files
-
9a04baba69f0d82fad499232f0d15a6a_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5