Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
27741e396045ff762288d6d0e384358e_JaffaCakes118
-
Size
80KB
-
Sample
240706-gkqhkszera
-
MD5
27741e396045ff762288d6d0e384358e
-
SHA1
2e88e014264b28eb025385686763ae66a32191aa
-
SHA256
324fb02e7aabaae28dced39d680c0819cb3986908726088a6584e572f745c9da
-
SHA512
6ba2da28922a9219c2611800c45446ee1aaa0e2729bbd8599f9f44bdf9e3cb269ced9f5c33c0352082603e0b107015e760b27597e9799b165fc15d8e4bcf2f0d
-
SSDEEP
1536:/gWgWt5NCgrLvk6JKLe7+nB7stedqiDV8Z3anehf9jMSEgluqdJ:4Wlt5sgAyABwtedqRxVjXVdJ
Static task
static1
Behavioral task
behavioral1
Sample
27741e396045ff762288d6d0e384358e_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
27741e396045ff762288d6d0e384358e_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
27741e396045ff762288d6d0e384358e_JaffaCakes118
-
Size
80KB
-
MD5
27741e396045ff762288d6d0e384358e
-
SHA1
2e88e014264b28eb025385686763ae66a32191aa
-
SHA256
324fb02e7aabaae28dced39d680c0819cb3986908726088a6584e572f745c9da
-
SHA512
6ba2da28922a9219c2611800c45446ee1aaa0e2729bbd8599f9f44bdf9e3cb269ced9f5c33c0352082603e0b107015e760b27597e9799b165fc15d8e4bcf2f0d
-
SSDEEP
1536:/gWgWt5NCgrLvk6JKLe7+nB7stedqiDV8Z3anehf9jMSEgluqdJ:4Wlt5sgAyABwtedqRxVjXVdJ
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-