Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
9c9cd15bf8d7241ac4908a3d54c9c73e_JaffaCakes118
-
Size
65KB
-
Sample
241125-tvpp9a1rgn
-
MD5
9c9cd15bf8d7241ac4908a3d54c9c73e
-
SHA1
1e18a920d119cc0e12af595c8914342d4b949c00
-
SHA256
b6090bc8c6abb34b1aea7d42b1b53b96ed00149d259cb3c855fbbd57aaf70083
-
SHA512
1add85eb362c19d39917dd08594fc3ec219e9d92a220831aedaab514c3914c58b7744bcede14969db4f8d0179b0aba19925948939d161132d2c69eca1c6c54f7
-
SSDEEP
1536:+5sc375Ab4EBanICQFuIiyd6gWHpkeaPRAER2ySTneV18DViC:+p5wfCQF92HpkeWpgySTneV1CVt
Static task
static1
Behavioral task
behavioral1
Sample
9c9cd15bf8d7241ac4908a3d54c9c73e_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
9c9cd15bf8d7241ac4908a3d54c9c73e_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
9c9cd15bf8d7241ac4908a3d54c9c73e_JaffaCakes118
-
Size
65KB
-
MD5
9c9cd15bf8d7241ac4908a3d54c9c73e
-
SHA1
1e18a920d119cc0e12af595c8914342d4b949c00
-
SHA256
b6090bc8c6abb34b1aea7d42b1b53b96ed00149d259cb3c855fbbd57aaf70083
-
SHA512
1add85eb362c19d39917dd08594fc3ec219e9d92a220831aedaab514c3914c58b7744bcede14969db4f8d0179b0aba19925948939d161132d2c69eca1c6c54f7
-
SSDEEP
1536:+5sc375Ab4EBanICQFuIiyd6gWHpkeaPRAER2ySTneV18DViC:+p5wfCQF92HpkeWpgySTneV1CVt
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Modifies firewall policy service
-
Modifies security service
-
Drops file in System32 directory
-