General

  • Target

    85a9b80cf58ff00cbf501b77953bf31a_JaffaCakes118

  • Size

    452KB

  • Sample

    240810-l68nhavdpj

  • MD5

    85a9b80cf58ff00cbf501b77953bf31a

  • SHA1

    c99282e2337d76dbbdd1194ed07b2abb33eddd70

  • SHA256

    a6a9419dd8bc7a56eec6e3ff07ea0ebd933af587a76fd7c77b886353edbb1ac6

  • SHA512

    e8f2899b7220a1855b9b5ad56ac99387db7cd1477b9ea04775277c5f18c173d350e22c13172ecc4b66bd60e61296221754c43b81803f4077e26bdcf52aced6da

  • SSDEEP

    12288:zNo6BDYKR1kU+gLcnKNalKv1V0pjnGPzH:zNJkU+aqzAP0Nno

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

    • Target

      85a9b80cf58ff00cbf501b77953bf31a_JaffaCakes118

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
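The extracted config identifies the payload only by its encoder (tria.ge reports the Metasploit encoder name in the "Version" field), and the MetaSploit signature above is a generic family hit. What an analyst actually wants from a call4_dword_xor detection is the loop count and XOR key, because together they recover the staged shellcode behind the stub. The following is an added example, not code from tria.ge or from the Metasploit project: it matches the 24/27-byte x86 decoder stub that the call4_dword_xor encoder emits (xor ecx,ecx; sub ecx,-N; call $+4; inc eax; pop esi; xor [esi+0x0e],KEY; sub esi,-4; loop), reads N and KEY out of the match, and XOR-decodes the 4*N bytes that follow. The sample blob, the fake "payload" and the small encoder used to build it are constructed for the example; the NOP padding rule and the fixed key are assumptions (msfvenom chooses the key to avoid bad characters, and Rex can emit other `sub ecx` encodings when the plain imm8/imm32 forms hit bad characters, which this pattern does not cover). Run it over a dumped section of the sample rather than this constructed input.

```python
import re
import struct

# x86/call4_dword_xor decoder stub as emitted by Metasploit (24 bytes when the dword
# count fits a signed imm8, 27 bytes when it needs an imm32). Offsets from stub start.
#   31 C9                  xor  ecx, ecx
#   83 E9 ib / 81 E9 id    sub  ecx, -N         ; ecx = N = number of dwords to decode
#   E8 FF FF FF FF         call $+4             ; jumps onto its own last FF byte ...
#   FF C0                  inc  eax             ; ... which pairs with C0 to form inc eax
#   5E                     pop  esi             ; esi = return address = stub + 10
#   81 76 0E id            xor  [esi+0x0e], KEY ; stub + 24 = first ciphertext dword
#   83 EE FC               sub  esi, -4
#   E2 F4                  loop $-12
STUB_RE = re.compile(
    rb"\x31\xc9"
    rb"(?:\x83\xe9(?P<n8>.)|\x81\xe9(?P<n32>.{4}))"
    rb"\xe8\xff\xff\xff\xff\xc0\x5e"
    rb"\x81\x76\x0e(?P<key>.{4})"
    rb"\x83\xee\xfc\xe2\xf4",
    re.DOTALL,
)


def extract_call4_dword_xor(buf: bytes) -> list[dict]:
    """Locate every call4_dword_xor stub in buf and decode the payload behind it."""
    hits = []
    for m in STUB_RE.finditer(buf):
        if m.group("n8") is not None:
            count = -struct.unpack("<b", m.group("n8"))[0]   # sub ecx, -N  ->  N
        else:
            count = -struct.unpack("<i", m.group("n32"))[0]
        if count <= 0:
            continue                                          # not a sane loop count
        keyb = m.group("key")                                 # little-endian key bytes
        ct = buf[m.end(): m.end() + 4 * count]
        # xor dword-at-a-time == xor each byte with the matching little-endian key byte
        pt = bytes(b ^ keyb[i % 4] for i, b in enumerate(ct))
        hits.append({
            "offset": m.start(),
            "stub_len": m.end() - m.start(),
            "dwords": count,
            "key": struct.unpack("<I", keyb)[0],
            "truncated": len(ct) < 4 * count,   # buffer ended before 4*N bytes
            "decoded": pt,
        })
    return hits


def encode_call4_dword_xor(payload: bytes, key: int) -> bytes:
    """Constructed re-implementation of the encoder, used only to build test input.
    Assumptions: fixed key (msfvenom picks one that avoids bad characters) and NOP
    padding to a dword boundary (not necessarily Metasploit's own padding rule)."""
    payload += b"\x90" * ((-len(payload)) % 4)
    n = len(payload) // 4
    sub = (b"\x83\xe9" + struct.pack("<b", -n)) if n <= 128 \
        else (b"\x81\xe9" + struct.pack("<i", -n))
    keyb = struct.pack("<I", key)
    stub = (b"\x31\xc9" + sub + b"\xe8\xff\xff\xff\xff\xc0\x5e"
            + b"\x81\x76\x0e" + keyb + b"\x83\xee\xfc\xe2\xf4")
    return stub + bytes(b ^ keyb[i % 4] for i, b in enumerate(payload))


# Constructed sample: a fake "payload" (plain ASCII, not shellcode) wrapped in the
# stub and surrounded by filler, standing in for a dumped section of the binary.
FAKE_PAYLOAD = b"CONSTRUCTED TEST BYTES, NOT SHELLCODE"
SAMPLE_BLOB = b"\x00" * 7 + encode_call4_dword_xor(FAKE_PAYLOAD, 0xDEADBEEF) + b"\xcc" * 5

if __name__ == "__main__":
    for h in extract_call4_dword_xor(SAMPLE_BLOB):
        print(f"stub @ {h['offset']:#x} len={h['stub_len']} dwords={h['dwords']} "
              f"key={h['key']:#010x} truncated={h['truncated']}")
        print(h["decoded"])
```

The decoded bytes are the real stage (for a Metasploit payload, typically reverse_tcp or a similar stager), so the next step is to pull the C2 host and port out of the plaintext rather than out of the encoded file. A `truncated` hit means the dump was cut short of the full 4*N bytes and the region should be re-dumped from memory.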

MITRE ATT&CK Enterprise v15

Tasks