General

  • Target

    e7413f74d42ea5800098ed3e829e4482_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240917-t6s7tataph

  • MD5

    e7413f74d42ea5800098ed3e829e4482

  • SHA1

    a948c60fbdc351f820ee2485a40ec770cb192043

  • SHA256

    2b8ca9167adfa1f750586e957d4ac4a0f5f3d260200167fb30e4b6caea9b0953

  • SHA512

    1fd09d2ce6a147163a7432c3a658f533a6ba130b1bc6ba493931976fd4c3d2a7845e11029bd0bbec08e7709ccfa1f93123ca4e6f24dc06f1df9c5681b85417c4

  • SSDEEP

    3072:wjY4C6zJKEmIjV0s4wg8ShB/V50GSSOEPCQ4gn2CPETEwabZlXLRsHfBg580f70+:MY4vgv9ZBn/oGpOfQsabRr8c7yg

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

    • Target

      e7413f74d42ea5800098ed3e829e4482_JaffaCakes118

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Modifies security service

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
