General
Target: 11b8ed7818b874e5ee7a1d1694637023_JaffaCakes118
Size: 132KB
Sample: 241004-ee5dfashmk
MD5: 11b8ed7818b874e5ee7a1d1694637023
SHA1: c0bad45eb3f7b222146283d9b846977f8575a88b
SHA256: ca334a40d33507790776983aed820a0ea3d9e0fcddddd5024efd39e16cd7b4f6
SHA512: 34d9aef98867f984f0dbc81b4e5ed99f4be769c3484f5e6c07046884c5291aecb4555791153307741c5b69fb11b298508ddfd9952d976435a7fceca9a1b2f222
SSDEEP: 3072:Z+Fi+VjV3lj/HeWVbrzQ7ITkD2TLjvaw5D8:j+VVRa2r
Behavioral task: behavioral1
Sample: 11b8ed7818b874e5ee7a1d1694637023_JaffaCakes118.xls
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 11b8ed7818b874e5ee7a1d1694637023_JaffaCakes118.xls
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: 11b8ed7818b874e5ee7a1d1694637023_JaffaCakes118
Score: 10/10

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Deletes itself

Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.

Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.