General
-
Target
c7583c3314352b95a859b1850241ec4c_JaffaCakes118
-
Size
87KB
-
Sample
240828-wcnrcaycld
-
MD5
c7583c3314352b95a859b1850241ec4c
-
SHA1
686021b468397700f6cbba09d7374a4ba4a82afc
-
SHA256
6d1522b971a391ad16352b8cd205416729b99239fbc9101c43ad9c5b50f876c2
-
SHA512
f3ccbde93f73ddcd21c53219cd33b1563f051e76485d5bfe3715c46de712f7ac5f34ad17e01b32c485d0e1d1c61651ccb23089e38097fe2a4774a285c6737710
-
SSDEEP
1536:aptJlmrJpmxlRw99NBj+aIc0IvHsA99l:Gte2dw99f1UA99l
Behavioral task
behavioral1
Sample
c7583c3314352b95a859b1850241ec4c_JaffaCakes118.doc
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
c7583c3314352b95a859b1850241ec4c_JaffaCakes118.doc
Resource
win10v2004-20240802-en
Malware Config
Extracted
http://lw.mirkre.com/CdKQQ
http://dent.doctor-korchagina.ru/Dkxxo
http://ehisblogtutorial.tk/0SIC3
http://fendy.lightux.com/BriMn5Vx
http://founderspond.skyries.com/KkfYR
Targets
Target
c7583c3314352b95a859b1850241ec4c_JaffaCakes118
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
An obfuscated cmd.exe command-line is typically used to evade detection.
-