General

  • Target

    f8eb6d8ed55bd6263f1a83b467db0875_JaffaCakes118

  • Size

    46KB

  • Sample

    240926-wj74kazfmq

  • MD5

    f8eb6d8ed55bd6263f1a83b467db0875

  • SHA1

    3a4a34dad8d50821b9b73b02995e84aa4385f3fa

  • SHA256

    03e8f353230d6a82db548edcfa30e3285bca4f38ecafdf7081227079651a70e4

  • SHA512

    3cf4279f7354b0c8db29cf8ab1b2d8a79e42cd7ea8118e2293a629ba5d0abb71c19b9b6d1dda8a1816c7f314d8d480e2bfd48ece933518b7167c9d7738f2a251

  • SSDEEP

    768:V2D4HVnHQXNKaBXsB/PlhS8MfxIosEJ7S8I/RANfx6C86zVRo:HhBao3lQ8j07SdANr5K

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/call4_dword_xor

Targets

    • Target

      f8eb6d8ed55bd6263f1a83b467db0875_JaffaCakes118

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
