Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
JaffaCakes118_ccceea17883ce2d8b6359860e717db9f
-
Size
516KB
-
Sample
250109-txb7yawpen
-
MD5
ccceea17883ce2d8b6359860e717db9f
-
SHA1
67ed6aeca5fdb5f5748036972ac5de0ec15c3fd2
-
SHA256
4ef0db06a1b818778567fdfa444af215d08232242ea65a44219738152d43a30b
-
SHA512
42fc310ee95a4d408f7006ba2a3e3e324d14f7d019633ab6530b4481210ccfbab9a0a105bae3a335197b3920804d84ac33750e9d21cc3c2f1a5893008aa3c983
-
SSDEEP
12288:3qzyLvFqJFTPIMKzY5M5+cwqZiBSdj3CcVEdc6qTIJC0:kcvFqNKk5Onhdj3CMEF
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_ccceea17883ce2d8b6359860e717db9f.exe
Resource
win7-20240903-en
Malware Config
Extracted
formbook
4.1
snr6
jjglassmi1.com
vpsseattle.com
drfllc.top
staycoolonline.com
eptlove.com
solusimatasehat.site
ionrarecharlestonproperties.com
b3eflucg.xyz
tvchosun-usa.com
mmahzxwzsadqlshop.life
gospelimport.com
demoapps.website
jackburst54.com
99rocket.education
ccbwithbri.com
trapperairsoft.com
useroadly.com
ralphlaurenonline-nl.com
loanmaster4u.com
champ-beauty-tomigaoka-nail.com
theripemillennial.com
123intan.net
typopendant.com
coruscant.holdings
bio-intelligenz-therapie.com
reprv.com
directreport.net
phinespe.xyz
xuvedae.site
idilikproperties.info
wakigaggenin.com
mal2tech.com
nftwhaler.xyz
gxhnjssx.com
ozba.xyz
lecupcake.net
lucid.quest
kaleoslawncare.com
tiew.store
texcommercialpainting.com
2152351.com
likewize-xl.com
dacooligans.com
manuelmartinezs.com
beancusp.com
barbershopvalleyvillage.com
southwickfunerals.com
briellebaeslay.info
rebeccarye.com
unitedstateswelders.com
saudiarabiavegan.com
testcarona.com
serverapsd.com
crickx.email
hdszbj.com
bennettmountainoutfitter.com
leileilei1999.xyz
baroquefolke.com
francinegeorges.com
horpces.online
resolutionfix.com
mike-schultz.xyz
sohutobankueahomupezinkv.xyz
flowerseedqueen.com
reynbetgirisi.com
Targets
-
-
Target
JaffaCakes118_ccceea17883ce2d8b6359860e717db9f
-
Size
516KB
-
MD5
ccceea17883ce2d8b6359860e717db9f
-
SHA1
67ed6aeca5fdb5f5748036972ac5de0ec15c3fd2
-
SHA256
4ef0db06a1b818778567fdfa444af215d08232242ea65a44219738152d43a30b
-
SHA512
42fc310ee95a4d408f7006ba2a3e3e324d14f7d019633ab6530b4481210ccfbab9a0a105bae3a335197b3920804d84ac33750e9d21cc3c2f1a5893008aa3c983
-
SSDEEP
12288:3qzyLvFqJFTPIMKzY5M5+cwqZiBSdj3CcVEdc6qTIJC0:kcvFqNKk5Onhdj3CMEF
-
Formbook family
-
Formbook payload
-
Suspicious use of SetThreadContext
-