Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
f01d6d3b9c98457e3843692915af1efa_JaffaCakes118
-
Size
241KB
-
Sample
240921-s52bcszela
-
MD5
f01d6d3b9c98457e3843692915af1efa
-
SHA1
dd4724db788347778cd9f8a15bb8e67e6e445739
-
SHA256
1dba1999448c671df16e2a851f3333c25852991b9e4e9218fe5f59c4892750b9
-
SHA512
c7f0210f9349734b4795539a44eac52788c64785213f9a2b2eb5c2bf188dd5202c7026e457be1e9d725a7ce1fbed60e6d46daabe84d76dd81cec18f0c210ad2f
-
SSDEEP
3072:wYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////j:40uXnWFchmmcI/o1/YOfAx
Behavioral task
behavioral1
Sample
f01d6d3b9c98457e3843692915af1efa_JaffaCakes118.doc
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f01d6d3b9c98457e3843692915af1efa_JaffaCakes118.doc
Resource
win10v2004-20240802-en
Malware Config
Extracted
http://www.ksgresearch.org/LLC/z9B/
http://www.mitrausahacontrucion.com/multifunctional-section/X2v4XN/
http://daprofesional.com/data4/rsdbA1h/
http://degisimkalip.com.tr/wp-admin/ZML/
http://da-industrial.com/js/6GGA48AK/
http://cse-engineer.com/cgi-bin/BOiL/
http://casabeethovenlb.com/classes/7SUlG/
Targets
-
-
Target
f01d6d3b9c98457e3843692915af1efa_JaffaCakes118
-
Size
241KB
-
MD5
f01d6d3b9c98457e3843692915af1efa
-
SHA1
dd4724db788347778cd9f8a15bb8e67e6e445739
-
SHA256
1dba1999448c671df16e2a851f3333c25852991b9e4e9218fe5f59c4892750b9
-
SHA512
c7f0210f9349734b4795539a44eac52788c64785213f9a2b2eb5c2bf188dd5202c7026e457be1e9d725a7ce1fbed60e6d46daabe84d76dd81cec18f0c210ad2f
-
SSDEEP
3072:wYy0u8YGgjv+ZvchmkHcI/o1/Vb6///////////////////////////////////j:40uXnWFchmmcI/o1/YOfAx
Score10/10-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-
Drops file in System32 directory
-