Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
e7413f74d42ea5800098ed3e829e4482_JaffaCakes118
-
Size
1.3MB
-
Sample
240917-t6s7tataph
-
MD5
e7413f74d42ea5800098ed3e829e4482
-
SHA1
a948c60fbdc351f820ee2485a40ec770cb192043
-
SHA256
2b8ca9167adfa1f750586e957d4ac4a0f5f3d260200167fb30e4b6caea9b0953
-
SHA512
1fd09d2ce6a147163a7432c3a658f533a6ba130b1bc6ba493931976fd4c3d2a7845e11029bd0bbec08e7709ccfa1f93123ca4e6f24dc06f1df9c5681b85417c4
-
SSDEEP
3072:wjY4C6zJKEmIjV0s4wg8ShB/V50GSSOEPCQ4gn2CPETEwabZlXLRsHfBg580f70+:MY4vgv9ZBn/oGpOfQsabRr8c7yg
Static task
static1
Behavioral task
behavioral1
Sample
e7413f74d42ea5800098ed3e829e4482_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
e7413f74d42ea5800098ed3e829e4482_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
-
Target
e7413f74d42ea5800098ed3e829e4482_JaffaCakes118
-
Size
1.3MB
-
MD5
e7413f74d42ea5800098ed3e829e4482
-
SHA1
a948c60fbdc351f820ee2485a40ec770cb192043
-
SHA256
2b8ca9167adfa1f750586e957d4ac4a0f5f3d260200167fb30e4b6caea9b0953
-
SHA512
1fd09d2ce6a147163a7432c3a658f533a6ba130b1bc6ba493931976fd4c3d2a7845e11029bd0bbec08e7709ccfa1f93123ca4e6f24dc06f1df9c5681b85417c4
-
SSDEEP
3072:wjY4C6zJKEmIjV0s4wg8ShB/V50GSSOEPCQ4gn2CPETEwabZlXLRsHfBg580f70+:MY4vgv9ZBn/oGpOfQsabRr8c7yg
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies security service
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-