Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
dd6f5a39c8ab79b607d5d11fb8efd955_JaffaCakes118
-
Size
193KB
-
Sample
240913-b6rpwaxhrh
-
MD5
dd6f5a39c8ab79b607d5d11fb8efd955
-
SHA1
da373d45e0cfca8f17891b60451e48f9792748c4
-
SHA256
1312e631f80e724ea637d1b035eb3342f09a32208ab559bc85cd5820956a5755
-
SHA512
c01475b798e8bd987c051c4b1089647575f03f7264dd25d9d5c9bbab7b8554ff6485c531e90f0fa7082ac3e3147c048d324a9e845774944439a3273d421591d4
-
SSDEEP
1536:DGGGGGGGGGG2xJLEt+LaaGGGGGGGGGGjLo9xilqfqdFTaFVT/EA8s9p8cjMfmVSt:+rfrzOH98ipgFd58cgE
Behavioral task
behavioral1
Sample
dd6f5a39c8ab79b607d5d11fb8efd955_JaffaCakes118.doc
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
dd6f5a39c8ab79b607d5d11fb8efd955_JaffaCakes118.doc
Resource
win10v2004-20240802-en
Malware Config
Extracted
http://boys86.com/wp-admin/mO/
http://dacyclin.com/3qx/Z/
https://fepami.com/wp-includes/oRT/
https://xnxxfullhd.com/wp-admin/NAK/
https://www.business-management-degree.net/wp-snapshots/W/
http://homestay.design/wordpress/M/
https://csc-comunity.com/wp-admin/6DW/
Targets
-
-
Target
dd6f5a39c8ab79b607d5d11fb8efd955_JaffaCakes118
-
Size
193KB
-
MD5
dd6f5a39c8ab79b607d5d11fb8efd955
-
SHA1
da373d45e0cfca8f17891b60451e48f9792748c4
-
SHA256
1312e631f80e724ea637d1b035eb3342f09a32208ab559bc85cd5820956a5755
-
SHA512
c01475b798e8bd987c051c4b1089647575f03f7264dd25d9d5c9bbab7b8554ff6485c531e90f0fa7082ac3e3147c048d324a9e845774944439a3273d421591d4
-
SSDEEP
1536:DGGGGGGGGGG2xJLEt+LaaGGGGGGGGGGjLo9xilqfqdFTaFVT/EA8s9p8cjMfmVSt:+rfrzOH98ipgFd58cgE
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-