General

  • Target: efe3736fe4f5ba9b7aceb15270500679_JaffaCakes118
  • Size: 113KB
  • Sample: 240921-qng52sthmb
  • MD5: efe3736fe4f5ba9b7aceb15270500679
  • SHA1: ad66cb10dbcb4964ec640466d8304fe5741bed95
  • SHA256: 4eaa4e74021db2d124e6b5979cd2cda877a9d4a204f4b34430102e1989236d61
  • SHA512: 2ddd6ac3786c069a162e0cf8eb11a203ca2ea5692a1dab2b20ed9979903b43677cb1b6868d82c2e594f7e4828ccdcc9406e22d81f0d175b80d5dd60f287705a6
  • SSDEEP: 3072:jL2nmXmAXjuaenOuoV0zrbK7s+pcF7MNFwrK3xU+1:ntTzuVna0zr3ycF7MNFCsxU8

Malware Config

Extracted

  • Family: metasploit
  • Version: encoder/fnstenv_mov

Targets

    • Target: efe3736fe4f5ba9b7aceb15270500679_JaffaCakes118

    • MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
    • Executes dropped EXE
    • Loads dropped DLL
    • Drops file in System32 directory