Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
d3f3124d96e6ced6528ba07736cd9744_JaffaCakes118
-
Size
247KB
-
Sample
240908-kefyqsyape
-
MD5
d3f3124d96e6ced6528ba07736cd9744
-
SHA1
2a19fb773d17f0e10278d74ca1a43e2d54563369
-
SHA256
0fb1891062a2efc47b2fe69391e3a7a42673afdbb21d834af3ad3ac36b56ecf0
-
SHA512
6ce46e3ebe6b332d2cab8ea121240dbe3701a85f4c70a3c9e34e071c38d8b7318641fd7d854ffed8b96c8ffbc49b19d3251b6c61aa7cc55f07c26ef9fa1914e7
-
SSDEEP
3072:yr/DEfw4rgz5WgP0BN1/AZjL/xSu90OoiLuDKZXfwKeljR1j:AzjzPkAxxUOmD+XfwL3
Static task
static1
Behavioral task
behavioral1
Sample
d3f3124d96e6ced6528ba07736cd9744_JaffaCakes118.doc
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
d3f3124d96e6ced6528ba07736cd9744_JaffaCakes118.doc
Resource
win10v2004-20240802-en
Malware Config
Extracted
http://mipec-city-view.com/eLFdiHVZc
http://betablanja.com/ucF43aOI
http://bluehost.theoceanweb.com/wp-admin/css/HeR7zgu
http://thanhlapdoanhnghiephnh.com/YWPDn0EHGX
http://aktemuryonetim.com/HQp52Xt
Targets
-
-
Target
d3f3124d96e6ced6528ba07736cd9744_JaffaCakes118
-
Size
247KB
-
MD5
d3f3124d96e6ced6528ba07736cd9744
-
SHA1
2a19fb773d17f0e10278d74ca1a43e2d54563369
-
SHA256
0fb1891062a2efc47b2fe69391e3a7a42673afdbb21d834af3ad3ac36b56ecf0
-
SHA512
6ce46e3ebe6b332d2cab8ea121240dbe3701a85f4c70a3c9e34e071c38d8b7318641fd7d854ffed8b96c8ffbc49b19d3251b6c61aa7cc55f07c26ef9fa1914e7
-
SSDEEP
3072:yr/DEfw4rgz5WgP0BN1/AZjL/xSu90OoiLuDKZXfwKeljR1j:AzjzPkAxxUOmD+XfwL3
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-