General
Target: dfa9d4948809090797a951edffa5ea93_JaffaCakes118
Size: 241KB
Sample: 240914-hbxe7s1apr
MD5: dfa9d4948809090797a951edffa5ea93
SHA1: 1f3d636766c650733c7e66be530f345246005d2c
SHA256: 5af58ca99bb8ab1c5502499b987781f73cc44491b3fa9e15c03d418cd84bea17
SHA512: 733acec680d6ceaab2dc0085bd8ee1dca2090649c39a2d22326a8019102f044e8aaf077e61040ede7e4781e80d8b479617389a126334f68a96804fea7ec3e6cb
SSDEEP: 3072:wYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////F:40uXnWFchmmcI/o1/dOftz
Behavioral task: behavioral1
Sample: dfa9d4948809090797a951edffa5ea93_JaffaCakes118.doc
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: dfa9d4948809090797a951edffa5ea93_JaffaCakes118.doc
Resource: win10v2004-20240802-en
Malware Config
Extracted
Targets
Target: dfa9d4948809090797a951edffa5ea93_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
Blocklisted process makes network request
Drops file in System32 directory