General

  • Target

    9c9cd15bf8d7241ac4908a3d54c9c73e_JaffaCakes118

  • Size

    65KB

  • Sample

    241125-tvpp9a1rgn

  • MD5

    9c9cd15bf8d7241ac4908a3d54c9c73e

  • SHA1

    1e18a920d119cc0e12af595c8914342d4b949c00

  • SHA256

    b6090bc8c6abb34b1aea7d42b1b53b96ed00149d259cb3c855fbbd57aaf70083

  • SHA512

    1add85eb362c19d39917dd08594fc3ec219e9d92a220831aedaab514c3914c58b7744bcede14969db4f8d0179b0aba19925948939d161132d2c69eca1c6c54f7

  • SSDEEP

    1536:+5sc375Ab4EBanICQFuIiyd6gWHpkeaPRAER2ySTneV18DViC:+p5wfCQF92HpkeWpgySTneV1CVt

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/call4_dword_xor

Targets

    • Target

      9c9cd15bf8d7241ac4908a3d54c9c73e_JaffaCakes118

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family

    • Modifies firewall policy service

    • Modifies security service

    • Network Share Discovery

      Attempt to gather information on host network.

    • Drops file in System32 directory
