Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
9b4554b39a888954f5c77cb0eaf0df26_JaffaCakes118.doc
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
9b4554b39a888954f5c77cb0eaf0df26_JaffaCakes118.doc
Resource
win10v2004-20240802-en
General
-
Target
9b4554b39a888954f5c77cb0eaf0df26_JaffaCakes118
-
Size
238KB
-
MD5
9b4554b39a888954f5c77cb0eaf0df26
-
SHA1
89b7a87dd52ed5040741a867000404783c388adc
-
SHA256
ff3abd547bbac577c8dfa13433f00fea54dccf71bdbf46d3cc96a1dc1a7b4e79
-
SHA512
bfc266e0a94a35c9bacfa8d609f0d02960e065699b14c5ea1e1591bbf60beac81d7a20230cad9393d1a80e069691f74057fff83f097c86aab9bfc1025fcd1e14
-
SSDEEP
1536:XterT1w1vN8M/EfOgnPJceKBCwbaxEHrTPAyNK/dRYf+ZnjO3zzdrIhD:XAw1vPEfOgnPJceKBDaSYdSlal
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule sample office_macro_on_action -
resource sample
Files
-
9b4554b39a888954f5c77cb0eaf0df26_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5