General

  • Target

    e4fadd2671f0024fa398fca80b0b61bd_JaffaCakes118

  • Size

    3.3MB

  • Sample

    240916-rymzqasgka

  • MD5

    e4fadd2671f0024fa398fca80b0b61bd

  • SHA1

    665dc0b9e2acd1125dfcd13c283becb397e97921

  • SHA256

    3c46546df7d3a157dfd03c2ea3e82d41d03a0c9fbdb29f59f0a32070cf5bc78a

  • SHA512

    7f11abbefc2c3d259522f1abc1e3381540d79920a04f77504929064c1b8ad6a7636b8657801be4236a7385f816d65071743109a3bfec7bfd10a9000308373135

  • SSDEEP

    6144:YWPMQQNV7JzLqwjDV3saQeNlFcWoVCEtvOzatiSIh:vJQR9RQeNjZowEtv8iiSG

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/call4_dword_xor

Targets

    • Target

      e4fadd2671f0024fa398fca80b0b61bd_JaffaCakes118

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
