General
Target: bdc746e88d4aaa47d733f5860dc3b54a_JaffaCakes118
Size: 54KB
Sample: 240824-b851aazaqa
MD5: bdc746e88d4aaa47d733f5860dc3b54a
SHA1: a2ee14a805478d1bfdd4ebddeead644b7bdafe9d
SHA256: c283810c6aa3866b4a017356c25c2cc2b1b1fcf0df8479b021370e2df0a70c0c
SHA512: e3f7766a297e97c1ca5ff0171030a0f095280fbe529499f23775cadd2979ca5406e1fd630926c26b22a12430e44f5820a15108fcba0019648b7e408eb4323277
SSDEEP: 768:sqkYtA7cmPNu/o1DZqTTe8P5hUbYAuCKzVHWvdAy39QS7fRKfFDpPMMCE1:sq7AER/3TAu/xWvdA4Q8fYtpUMv1
Static task: static1
Behavioral task: behavioral1
Sample: bdc746e88d4aaa47d733f5860dc3b54a_JaffaCakes118.dll
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: bdc746e88d4aaa47d733f5860dc3b54a_JaffaCakes118.dll
Resource: win10v2004-20240802-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
Target: bdc746e88d4aaa47d733f5860dc3b54a_JaffaCakes118
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Blocklisted process makes network request
Server Software Component: Terminal Services DLL
Sets service image path in registry
Impair Defenses: Safe Mode Boot