General
Target: d0fd563358e7480da8a39e8cdb6ef3cc_JaffaCakes118
Size: 189KB
Sample: 240907-d4mdgssgll
MD5: d0fd563358e7480da8a39e8cdb6ef3cc
SHA1: 4e76be3b07b47c413706731c21bd38a86be25d73
SHA256: 4f43ea2ee6d7c159765e14f68214b6c03142714d2c413ed8eeed276fdd3641ea
SHA512: f8b5d7f47e12d01e202cc4690e705a10b85d3fb13f9567e05a9befad03e1dbf9a144f706fb1ff6b4aefe3f83a68c91611b2b4463aef8e9946c7ac5a512aea2cf
SSDEEP: 3072:p5Fqffqjbzk/jL/xSu90OoiLuDKZXfwKeljR1z:pjOqjk/xUOmD+XfwLX
Static task: static1
Behavioral task: behavioral1
Sample: d0fd563358e7480da8a39e8cdb6ef3cc_JaffaCakes118.doc
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d0fd563358e7480da8a39e8cdb6ef3cc_JaffaCakes118.doc
Resource: win10v2004-20240802-en
Malware Config
Extracted
http://tunerg.com/SKMFSuIWW
http://stoutarc.com/JbCOGyE
http://www.modern-autoparts.com/ezFUGpI
http://antigua.aguilarnoticias.com/LNOGFuYx
http://take-one2.com/X80VedH
Targets
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-