Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
b6e8733190b6c6ae7e12b5204c80274c_JaffaCakes118
-
Size
133KB
-
Sample
240822-jvzv4szanr
-
MD5
b6e8733190b6c6ae7e12b5204c80274c
-
SHA1
541fb3dd19ad8e264dbfa55c55ef7f8a5b8a7e86
-
SHA256
77641e6ce42f0cfb1e07679d1910a7c600c2a36aacb8c3839596271c047dc0cc
-
SHA512
3665de96d3aa14ec6af1ca326578b0732f89c5e195103a4a74d79150c639ca3fdc14f631c9ab98602395f908335f88c8a5f27a50f550926439e5ec47d0c75a6a
-
SSDEEP
1536:00WRD3bNqfNpu39IId5a6XP3Mg8af2q6KEbelP4OvqTl1ygIdavkHUXeONvl8:MR1qf69xak3Mgx2hbvl8
Static task
static1
Behavioral task
behavioral1
Sample
b6e8733190b6c6ae7e12b5204c80274c_JaffaCakes118.doc
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
b6e8733190b6c6ae7e12b5204c80274c_JaffaCakes118.doc
Resource
win10v2004-20240802-en
Malware Config
Extracted
http://digimarketery.com/wp-admin/p/
http://www.mdmfashionbrand.com/softaculous/E6/
http://unicusadvisors.com/wp-content/plugins/wp-file-manager--/3/
http://castilloreservado2.com/wp-content/D/
https://edwardlongmire.com/w2ei/hI/
http://mathispros.sctestinglab.com/wp-content/5/
https://samsportal.org/images/9p/
Targets
-
-
Target
b6e8733190b6c6ae7e12b5204c80274c_JaffaCakes118
-
Size
133KB
-
MD5
b6e8733190b6c6ae7e12b5204c80274c
-
SHA1
541fb3dd19ad8e264dbfa55c55ef7f8a5b8a7e86
-
SHA256
77641e6ce42f0cfb1e07679d1910a7c600c2a36aacb8c3839596271c047dc0cc
-
SHA512
3665de96d3aa14ec6af1ca326578b0732f89c5e195103a4a74d79150c639ca3fdc14f631c9ab98602395f908335f88c8a5f27a50f550926439e5ec47d0c75a6a
-
SSDEEP
1536:00WRD3bNqfNpu39IId5a6XP3Mg8af2q6KEbelP4OvqTl1ygIdavkHUXeONvl8:MR1qf69xak3Mgx2hbvl8
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-