General
Target: e5d7ca4e022fb8976aed952fa2cdcd53_JaffaCakes118
Size: 217KB
Sample: 240917-av8ctaxgnb
MD5: e5d7ca4e022fb8976aed952fa2cdcd53
SHA1: 8d71d764149db173322ccab8143b08d5bb5a9e27
SHA256: 48429c257fa735aaf623a4a81b69953fb68911921c744d7a990ab2efc2bf54af
SHA512: bce1b07ba8aa5a6e8cd8671ea99bfc94a0e291bf7682c049affeff146bd8c39b393a0822438da4db6c6bbc50d5079d6cf003ab09a28ef3d9721eeab43a673a5d
SSDEEP: 6144:AO3T1X8jD5FI9RdIXhg4wjFciTU/ZMCM:AOD1X83TI9LIXSDjFbU/rM
Behavioral task
behavioral1
Sample: e5d7ca4e022fb8976aed952fa2cdcd53_JaffaCakes118.exe
Resource: win7-20240729-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target: e5d7ca4e022fb8976aed952fa2cdcd53_JaffaCakes118
Score: 10/10
MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Deletes itself
Executes dropped EXE
Loads dropped DLL
Maps connected drives based on registry: Disk information is often read in order to detect sandboxing environments.
Drops file in System32 directory