General
Target: ead32fb8ca704940236ce1797df91134_JaffaCakes118
Size: 227KB
Sample: 240919-h1nvcsxamq
MD5: ead32fb8ca704940236ce1797df91134
SHA1: 3011daea928aa71abbc95d3c222e39e6d0a8dbb9
SHA256: 52d3948a7b7e51eaaffe25134b76644c85282a1c9d5d5c199e8fdb36ffba6548
SHA512: 2a678ec838ae494c164c773114bf49d6b06f715b978570adc0bf4b5241ad9e6b1d48006f1d41127968dc4432243b6eda431231e08e7c0052bdbeae50fc53fc29
SSDEEP: 6144:wnLtNO2QZGmZyU39j1joP2lT7BjrLS9ms40m44Htz6veW:wnRNO2iGmB39j1kIT7Bmcs4O4Avd
Behavioral task: behavioral1
Sample: ead32fb8ca704940236ce1797df91134_JaffaCakes118.exe
Resource: win7-20240903-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Score: 10/10
MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Deletes itself
Executes dropped EXE
Loads dropped DLL
Maps connected drives based on registry: Disk information is often read in order to detect sandboxing environments.
Drops file in System32 directory