Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Behavioral task
behavioral1
Sample
9fb8f190cf9a09ae7cd816b57d855a81_JaffaCakes118.doc
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
9fb8f190cf9a09ae7cd816b57d855a81_JaffaCakes118.doc
Resource
win10v2004-20240802-en
General
-
Target
9fb8f190cf9a09ae7cd816b57d855a81_JaffaCakes118
-
Size
242KB
-
MD5
9fb8f190cf9a09ae7cd816b57d855a81
-
SHA1
204a1e4a4aecd9c1ae6049ef8e3321a927d4b818
-
SHA256
f0fed1ff71be6ad4d5043edcffddeb395e33ab65a9a7bef091179e40ec271c63
-
SHA512
e3705a50747577abdfab20c10deef0defea010bce65abd945fbeeda89e5396c48cc13ffee544b2aa2e98209a269670270c9d4fceac81acde0d76517ff3054c8a
-
SSDEEP
3072:hvw9HXPJguq73/IKBWy4wdS00nUl+8KRiSL31:hvKHXPJi73wALU003ii
Malware Config
Signatures
-
Office macro that triggers on suspicious action 1 IoCs
Office document macro which triggers in special circumstances - often malicious.
resource yara_rule sample office_macro_on_action -
resource sample
Files
-
9fb8f190cf9a09ae7cd816b57d855a81_JaffaCakes118.doc .eml office polyglot
ThisDocument
UserForm1
UserForm2
UserForm3
UserForm4
UserForm5