General
-
Target
ac99f1eec9b3868ff34b753e13ebb442_JaffaCakes118
-
Size
176KB
-
Sample
240819-z2rq3swcle
-
MD5
ac99f1eec9b3868ff34b753e13ebb442
-
SHA1
45a969140aca1acb5cb70a7d5a3f18ae21aaf2a1
-
SHA256
897cbd1c3f685c12be9696f69d948ee8bbb076934b0c0f13e3ba293b935907dd
-
SHA512
e6ef226cbdc838e71f1c57e044a6fd367d37a6059a9b55165116eaab1a2790170a7d081d27cd864913ef816b6f2e2f9c36be4a1c7ac082eedf0506ccbdc5c57e
-
SSDEEP
1536:CC+rdi1Ir77zOH98Wj2gpngx+a9OH4oaJrtrYYnalL2VCf3oIHc:GrfrzOH98ipg6HEJrtrDnalL2Vw3lc
Behavioral task
behavioral1
Sample
ac99f1eec9b3868ff34b753e13ebb442_JaffaCakes118.doc
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ac99f1eec9b3868ff34b753e13ebb442_JaffaCakes118.doc
Resource
win10v2004-20240802-en
Malware Config
Extracted
Targets
Target
ac99f1eec9b3868ff34b753e13ebb442_JaffaCakes118
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-