Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

8

0dcea985d2...18.xls

windows7-x64

10

0dcea985d2...18.xls

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0dcea985d2ecc264cce1e8ee24ceb5a4_JaffaCakes118

  • Size

    36KB

  • Sample

    241003-ejvd2axcjb

  • MD5

    0dcea985d2ecc264cce1e8ee24ceb5a4

  • SHA1

    41af17194512f48e1775ec62258f1b45815fb781

  • SHA256

    0b0ec18533806854a47fd677fa68b018ba32b9a682ee1f600adec21a37837288

  • SHA512

    489b6a58d77c8ba78d021aac45d0688ee8cea6d569d72ebda2a7baad7488ea388e7f3c16c3936c34c08f486b7be51e985de6f9bb119ebf2b46490bcc6f4424ad

  • SSDEEP

    768:5PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ4Yi5lAUA1bpxDNH:Rok3hbdlylKsgqopeJBWhZFGkE+cL2NM

Score
10/10
discoverymacroxlm

Malware Config

Extracted

Language
xlm4.0
Source
URLs
xlm40.dropper

https://skill.fashion/wp-data.php

Targets

    • Target

      0dcea985d2ecc264cce1e8ee24ceb5a4_JaffaCakes118

    • Size

      36KB

    • MD5

      0dcea985d2ecc264cce1e8ee24ceb5a4

    • SHA1

      41af17194512f48e1775ec62258f1b45815fb781

    • SHA256

      0b0ec18533806854a47fd677fa68b018ba32b9a682ee1f600adec21a37837288

    • SHA512

      489b6a58d77c8ba78d021aac45d0688ee8cea6d569d72ebda2a7baad7488ea388e7f3c16c3936c34c08f486b7be51e985de6f9bb119ebf2b46490bcc6f4424ad

    • SSDEEP

      768:5PqNk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJ4Yi5lAUA1bpxDNH:Rok3hbdlylKsgqopeJBWhZFGkE+cL2NM

    Score
    10/10
    discovery

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks