General

  • Target

    ece603c81456294d88e05e0c42f81e51_JaffaCakes118

  • Size

    78KB

  • Sample

    240411-jeha5ahh4y

  • MD5

    ece603c81456294d88e05e0c42f81e51

  • SHA1

    d453f2c368bc49dfe91632747a43560835fafe4f

  • SHA256

    b01a9945d1ac0c4fcb81680837b580e07b56f830bbf61d5c1ca071f8618a3f5a

  • SHA512

    fc1fa4c58aef7639e3db9b689cc0a2edcc6fe8342f296a34441c22c999f44aff702940a92649efadea3bfa3a58381071ebb407b1f5bf3edac101a238baae07b3

  • SSDEEP

    1536:wuHY6M3xXT0XRhyRjVf3znOJTv3lcUK/+dWzCP7oYTcSQte99/y1+9:wuHYn3xSyRxvY3md+dWWZye99/J

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
