Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e8cd94209fa88d7b99a6bbc21738b947_JaffaCakes118
-
Size
78KB
-
Sample
240409-ax6l1aca8s
-
MD5
e8cd94209fa88d7b99a6bbc21738b947
-
SHA1
40a923b789cd455468e80123c1acac6a3681440e
-
SHA256
a78d29187a50431c5865c0e25979055dfb76737a12c2bfdee725013d056fe471
-
SHA512
2c798e7f729986392e71eb0d50f476fc29629ef408d31e3e306a4fc9a01880929e05b4147b0d2cd662612ea1ba4bd8866bfac634e08c4454ac65745d65b62ca4
-
SSDEEP
1536:aPWV58eLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti6T9/m1RS:aPWV58gE2EwR4uY41HyvYr9/7
Static task
static1
Behavioral task
behavioral1
Sample
e8cd94209fa88d7b99a6bbc21738b947_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
e8cd94209fa88d7b99a6bbc21738b947_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
e8cd94209fa88d7b99a6bbc21738b947_JaffaCakes118
-
Size
78KB
-
MD5
e8cd94209fa88d7b99a6bbc21738b947
-
SHA1
40a923b789cd455468e80123c1acac6a3681440e
-
SHA256
a78d29187a50431c5865c0e25979055dfb76737a12c2bfdee725013d056fe471
-
SHA512
2c798e7f729986392e71eb0d50f476fc29629ef408d31e3e306a4fc9a01880929e05b4147b0d2cd662612ea1ba4bd8866bfac634e08c4454ac65745d65b62ca4
-
SSDEEP
1536:aPWV58eLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti6T9/m1RS:aPWV58gE2EwR4uY41HyvYr9/7
Score10/10-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-