General
-
Target
85a9b80cf58ff00cbf501b77953bf31a_JaffaCakes118
-
Size
452KB
-
Sample
240810-l68nhavdpj
-
MD5
85a9b80cf58ff00cbf501b77953bf31a
-
SHA1
c99282e2337d76dbbdd1194ed07b2abb33eddd70
-
SHA256
a6a9419dd8bc7a56eec6e3ff07ea0ebd933af587a76fd7c77b886353edbb1ac6
-
SHA512
e8f2899b7220a1855b9b5ad56ac99387db7cd1477b9ea04775277c5f18c173d350e22c13172ecc4b66bd60e61296221754c43b81803f4077e26bdcf52aced6da
-
SSDEEP
12288:zNo6BDYKR1kU+gLcnKNalKv1V0pjnGPzH:zNJkU+aqzAP0Nno
Behavioral task
behavioral1
Sample
85a9b80cf58ff00cbf501b77953bf31a_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
85a9b80cf58ff00cbf501b77953bf31a_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
85a9b80cf58ff00cbf501b77953bf31a_JaffaCakes118
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-