General
Target: d544eb2d174cf3065c457942e2087e78_JaffaCakes118
Size: 132KB
Sample: 240908-29gl7asgkg
MD5: d544eb2d174cf3065c457942e2087e78
SHA1: d9d9055b06fd5984da73ce9f1a0dcd4670898c8d
SHA256: ac1799f9b3a672cdbf5d43c8a2d5c83c07069d2404e6a95c6e21a1abce0c3040
SHA512: e8ca8f1c412c18eb0f60f11186aa99b162228c36de5f6fd007e54e8d71c7906708f9689da60fe1fc4f8f7a3caae3b666e6ebb840b8b37ba5afa83927debca860
SSDEEP: 1536:eVO81ooMDS034nC54nZrL4AkiuAMOkEEW/yEbzvad8/2GeUUt/YQJFm0DaqGq+aa:eM8GhDS0o9zTGOZD6EbzCd8/cplVDaqQ
Behavioral task: behavioral1
Sample: d544eb2d174cf3065c457942e2087e78_JaffaCakes118.doc
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: d544eb2d174cf3065c457942e2087e78_JaffaCakes118.doc
Resource: win10v2004-20240802-en
Malware Config
Extracted
http://www.binsuloomgroup.com/wp-content/uploads/TyUg_qOsCOz4O_5uPw9YSbO
http://bonnyprint.com/wp-content/PCT_0H8S_L9zVHlYSF
http://ftp.spbv.org/worem_2o27v_d
http://flowersgalleryevents.ayansaha.com/2Z4fO_YmAY_BqDF1wD
https://anhle.art/t2ZZ_zOxsnfkSJ_ClUxs
Targets
Target: d544eb2d174cf3065c457942e2087e78_JaffaCakes118
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request