Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
246284cbcfe1cb851bada6dd84b70e80_JaffaCakes118
-
Size
254KB
-
Sample
241008-ydm8baydqn
-
MD5
246284cbcfe1cb851bada6dd84b70e80
-
SHA1
1cba6dcea6d3ddf86438c3107d38620a52ca1417
-
SHA256
20b597d93eb4d2b2bc15ff25aebb0d171918f99047c31f6eb728833967c8c37f
-
SHA512
30553c9438443932f52897c0a8833ec86e37a9e256ab13b3102bda51346b12bb561718fc1d570a091d64beae4527f41f9b5c709b990c35c52472c32d067b478e
-
SSDEEP
6144:cHELyizo4hTiZM9bCQUO0NAMlfmptut/AKkkBBiQd/PE:c7is4UZ3NxlSiYKPMQJM
Static task
static1
Behavioral task
behavioral1
Sample
246284cbcfe1cb851bada6dd84b70e80_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
246284cbcfe1cb851bada6dd84b70e80_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
formbook
4.1
ckvl
buketmert.com
hodu61.net
avenuecaca.com
kays.kitchen
8ky4.com
pretty-zoo.com
ds613.com
sacramentohemorrhoidcenter.com
icbcpd.com
zzinpick.com
cloudtestingrules.com
2020-especial-em-casa.com
lapdwde83.club
misionsanlorenzo.com
neenaknows.com
jlsqjjz.com
cazconstructionservices.com
ashihun75.icu
elvantage.com
youmovies.site
kenpofive.com
zodiacloud.com
cbinventory.com
jkk8.com
nuevamoneda.com
baby-gene.com
corona-flights.com
azxped.com
kinguest.com
drilling.world
lifewithsideofextrahappy.com
musiklektioner.com
nextgenloan.com
bidesat.net
refereetrain.com
onlineshopgr.com
galwooddesign.com
sonesea.com
odysseydawn.com
mf2marketing.com
sasauranai.xyz
eskisehiryaklasim.com
hottradebuzz.com
referralsender.com
dubaidining.com
korupanorama.com
cutbutchery.com
atlerz.com
houseofluxuryorganics.com
fmdllfdlfdfdf.com
soldorse.com
clv-poc-dev.net
jpystablecoin.com
theindianmariners.com
hqprofesional.com
xn--losxvdemissueos-brb.com
primehome-inspections.com
inqueten.com
buzzlocate.com
atomefme.net
ccmponline.com
buscaria.com
naspartners.com
techbun.net
verlan.guru
Targets
-
-
Target
246284cbcfe1cb851bada6dd84b70e80_JaffaCakes118
-
Size
254KB
-
MD5
246284cbcfe1cb851bada6dd84b70e80
-
SHA1
1cba6dcea6d3ddf86438c3107d38620a52ca1417
-
SHA256
20b597d93eb4d2b2bc15ff25aebb0d171918f99047c31f6eb728833967c8c37f
-
SHA512
30553c9438443932f52897c0a8833ec86e37a9e256ab13b3102bda51346b12bb561718fc1d570a091d64beae4527f41f9b5c709b990c35c52472c32d067b478e
-
SSDEEP
6144:cHELyizo4hTiZM9bCQUO0NAMlfmptut/AKkkBBiQd/PE:c7is4UZ3NxlSiYKPMQJM
-
Formbook payload
-
Suspicious use of SetThreadContext
-