Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e40f628a6207516aad11623e6c8a04ff_JaffaCakes118
-
Size
120KB
-
Sample
240916-fhkc4szdrm
-
MD5
e40f628a6207516aad11623e6c8a04ff
-
SHA1
b49f3f28c09bfff68be2204d7b9deac34d87c3b4
-
SHA256
e455d831cd61395e72299761136903fda048bf1b2c31e485f78086a1e3793065
-
SHA512
f6142988310b77c78896e358fdcf708afc563696cae4a812d121048180abc201be615251ffc087b4e1d9b0ef3962ecd21070cfe7d4464f5d2cbde20f701a7786
-
SSDEEP
3072:ApnFjHocshZF6vnGt5VfkTooPtI0SDOKPr:0nzWF6GNkTtFItOCr
Static task
static1
Behavioral task
behavioral1
Sample
e40f628a6207516aad11623e6c8a04ff_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
e40f628a6207516aad11623e6c8a04ff_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
e40f628a6207516aad11623e6c8a04ff_JaffaCakes118
-
Size
120KB
-
MD5
e40f628a6207516aad11623e6c8a04ff
-
SHA1
b49f3f28c09bfff68be2204d7b9deac34d87c3b4
-
SHA256
e455d831cd61395e72299761136903fda048bf1b2c31e485f78086a1e3793065
-
SHA512
f6142988310b77c78896e358fdcf708afc563696cae4a812d121048180abc201be615251ffc087b4e1d9b0ef3962ecd21070cfe7d4464f5d2cbde20f701a7786
-
SSDEEP
3072:ApnFjHocshZF6vnGt5VfkTooPtI0SDOKPr:0nzWF6GNkTtFItOCr
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-