Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

8

f564011c2a...18.xls

windows7-x64

10

f564011c2a...18.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f564011c2aaf582fc5e7e9c95d5b6b44_JaffaCakes118

  • Size

    49KB

  • Sample

    240925-g6chvasgpc

  • MD5

    f564011c2aaf582fc5e7e9c95d5b6b44

  • SHA1

    65d02f58a19d9e2a5fd7f3e8906ae0c1cb0e1dfe

  • SHA256

    83016b48397789f5215cffc5c1cc223846736ce2d795fb14bc1f3f7b87af0fa1

  • SHA512

    e9ef93ab63b8d1f3710e04513ce6bdfefd186f616d65d67e9d94a8b30b924a6c6c4dd1ba0f9e2cb57e65b52400cab071002f6387348195bfa7e23fb9a06ca013

  • SSDEEP

    1536:YTvX/7uDphYHceXVhca+fMHLtyeGxcl8/dgeD6yzsF6BCKG6GJ+QP:G/7uDphYHceXVhca+fMHLtyeGxcl8/do

Score
10/10
discoverymacroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://matterandhome.com/twtao/222222.png

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

http://matterandhome.com/twtao/222222.png

Targets

    • Target

      f564011c2aaf582fc5e7e9c95d5b6b44_JaffaCakes118

    • Size

      49KB

    • MD5

      f564011c2aaf582fc5e7e9c95d5b6b44

    • SHA1

      65d02f58a19d9e2a5fd7f3e8906ae0c1cb0e1dfe

    • SHA256

      83016b48397789f5215cffc5c1cc223846736ce2d795fb14bc1f3f7b87af0fa1

    • SHA512

      e9ef93ab63b8d1f3710e04513ce6bdfefd186f616d65d67e9d94a8b30b924a6c6c4dd1ba0f9e2cb57e65b52400cab071002f6387348195bfa7e23fb9a06ca013

    • SSDEEP

      1536:YTvX/7uDphYHceXVhca+fMHLtyeGxcl8/dgeD6yzsF6BCKG6GJ+QP:G/7uDphYHceXVhca+fMHLtyeGxcl8/do

    Score
    10/10
    discovery

    • Process spawned suspicious child process

      This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks