Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d37abef20b2749210d8aad65f0bc09e3_JaffaCakes118
-
Size
227KB
-
Sample
240908-egr6wsvcmn
-
MD5
d37abef20b2749210d8aad65f0bc09e3
-
SHA1
7279d14b6a86a129bf433f2bcae642819e8afedf
-
SHA256
30a43e3c1b38fe5a37ce0fcdcaee4cef05b4d6682e668d782131c7c54de0e292
-
SHA512
0b08b0afd963c4c3265c6c91211741a0ec760f9c7aef6c29d3e887b76035410b6e625e0459811d982155d753c2d89c6eb14cd8f96cf9d086c6f0e68106b39fe7
-
SSDEEP
3072:PYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////s:R0uXnWFchmmcI/o1/uEP9cPwc2
Malware Config
Extracted
http://miradoors.md/backup/hFiCHxXv/
http://kuntur.tur.ar/wp-admin/OBoiKylqUuhlh/
https://mhsr.ch/wp-admin/qHvi9amkg5llk43185606/
http://miradoors.ro/cgi-bin/vhUgA4mu6tg1x461/
http://nikniek.nl/cgi-bin/A74t5p0sobrc273635587/
http://qualityhairbundles.com/of/FIKQDxATiQHEd/
http://karaz.atwebpages.com/admin/2a4j1aqkks855324/
Targets
-
-
Target
d37abef20b2749210d8aad65f0bc09e3_JaffaCakes118
-
Size
227KB
-
MD5
d37abef20b2749210d8aad65f0bc09e3
-
SHA1
7279d14b6a86a129bf433f2bcae642819e8afedf
-
SHA256
30a43e3c1b38fe5a37ce0fcdcaee4cef05b4d6682e668d782131c7c54de0e292
-
SHA512
0b08b0afd963c4c3265c6c91211741a0ec760f9c7aef6c29d3e887b76035410b6e625e0459811d982155d753c2d89c6eb14cd8f96cf9d086c6f0e68106b39fe7
-
SSDEEP
3072:PYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////s:R0uXnWFchmmcI/o1/uEP9cPwc2
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-