Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

JaffaCakes...92.exe

windows7-x64

1

JaffaCakes...92.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_542a85bf2dd3eb90347b0e16f1724638be1463c1fc333ad471af402e85a70292

  • Size

    188KB

  • MD5

    3f1c4ae6b5748ec905e178af8c5213d6

  • SHA1

    99b4efd92b2739be250745b14b271fc99fb27d7f

  • SHA256

    542a85bf2dd3eb90347b0e16f1724638be1463c1fc333ad471af402e85a70292

  • SHA512

    153cfb67b23a01f412451397182e37593c28213610faf39a34e7c4a6b1f11d5696e7d8a7a2116dd67cc8e0d5278c552743d9bcf05c5ec3fccc30f54082339b55

  • SSDEEP

    3072:N77CEOouu+G/j3VQrqsKqsF/jKUrG2SPPQYnDepDUo7Cl:kqLVWYqsF/MepzC

Score
10/10
ratb16bformbook

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

b16b

Decoy

tiffanychilds.com

qzenfood.com

bjshxxw.com

farmersdaughterdelivery.com

tafkcleaningservices.com

algofan.lease

qichev.com

cryptobuyer.site

suabinhnonglanh365.com

maizhuanji.com

alirbad.com

myfloaty.com

rebillionares.com

seafiw.com

b1khcj.com

designmehndi.com

careerguru.net

beijingbluestar-tech.com

bo426.com

ttmhkpzmz.com

Signatures

  • Formbook family
    formbook
  • Formbook payload 1 IoCs
    rat
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_542a85bf2dd3eb90347b0e16f1724638be1463c1fc333ad471af402e85a70292
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.