General
-
Target
6a39e3f3425409246d027f141aea485b_JaffaCakes118
-
Size
126KB
-
Sample
240724-e1sa1axhjp
-
MD5
6a39e3f3425409246d027f141aea485b
-
SHA1
8ecbc388daddfe316038a8913b68b8966fe87c52
-
SHA256
178a61d0fa02e1aeded63c9c17b27e7420689fdb8fd75740e4125484566aab89
-
SHA512
5b87a1a28eb665c5ea124e64d3603012f6af15afae279d1b83703908d57096b91ecfe9046d98095b951031dace4a4bf3b46c5eb5a8cf396d178d3b70b754928a
-
SSDEEP
3072:sNuLp9+wX4J99Mlf5HTRnG0VabujeEDEy8YTIb93eX1p1tV75pJBVDs1AQjylOyl:sNuLp9h4J99Mlf5HTRnG0VabujeEDEyz
Static task
static1
Behavioral task
behavioral1
Sample
6a39e3f3425409246d027f141aea485b_JaffaCakes118.vbs
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
6a39e3f3425409246d027f141aea485b_JaffaCakes118.vbs
Resource
win10v2004-20240709-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
192.168.6.249:4444
Targets
-
-
Target
6a39e3f3425409246d027f141aea485b_JaffaCakes118
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-