Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
a6e6523c4e19fc481c9c97e782a72cfa_JaffaCakes118
-
Size
78KB
-
Sample
240818-q496rsygrl
-
MD5
a6e6523c4e19fc481c9c97e782a72cfa
-
SHA1
ee2d41aaa87bd4685c957d6bf09c2a32e4e6b5aa
-
SHA256
5015274753021e3190bfc5d80f88189804b6e86e252acec56dd40ba99367a807
-
SHA512
a344c63cdde4e678f9c9e9df4ecf7c6eb123035f73a0ee24bad50524f4cc1d28778c78f2a3f0cf47c74067971f0eabf082059e9a62af266183f50637637dd73c
-
SSDEEP
768:WUzHVucRFoqkp59YBvLdTv9ReVi4eFov5UHRFBx+1oVA2SWQd32ef2RGGrTb:WQHocn1kp59gxBK85fBx+aVdU2eiGo
Behavioral task
behavioral1
Sample
a6e6523c4e19fc481c9c97e782a72cfa_JaffaCakes118.doc
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
a6e6523c4e19fc481c9c97e782a72cfa_JaffaCakes118.doc
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
a6e6523c4e19fc481c9c97e782a72cfa_JaffaCakes118
-
Size
78KB
-
MD5
a6e6523c4e19fc481c9c97e782a72cfa
-
SHA1
ee2d41aaa87bd4685c957d6bf09c2a32e4e6b5aa
-
SHA256
5015274753021e3190bfc5d80f88189804b6e86e252acec56dd40ba99367a807
-
SHA512
a344c63cdde4e678f9c9e9df4ecf7c6eb123035f73a0ee24bad50524f4cc1d28778c78f2a3f0cf47c74067971f0eabf082059e9a62af266183f50637637dd73c
-
SSDEEP
768:WUzHVucRFoqkp59YBvLdTv9ReVi4eFov5UHRFBx+1oVA2SWQd32ef2RGGrTb:WQHocn1kp59gxBK85fBx+aVdU2eiGo
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-