Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
c2c2e6ae8520575a94623e9e829e0c30_JaffaCakes118
-
Size
128KB
-
Sample
241204-qtwkmasjhq
-
MD5
c2c2e6ae8520575a94623e9e829e0c30
-
SHA1
3c90c67d44cc3fed0167f4e222ab5beb235d7045
-
SHA256
dd8cad708f78fefe4c15605b7dfaf61af8e09f2e706f1098f57830b6b0cfe5d8
-
SHA512
3d688fe95053c5198bd0d448b38222c68134e157273e9aff97f2be68d8a9c7e59ef99f5aebf9a7e918573c2b3e2f4e377c6e482925f2279ee40746c4e58f4310
-
SSDEEP
3072:cwrNwsrQjlv7xDL/vyfX+HH/HpU8vb2KJJ:cwRvrM7hL/vyGHH/pU8qY
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
-
Target
c2c2e6ae8520575a94623e9e829e0c30_JaffaCakes118
-
Size
128KB
-
MD5
c2c2e6ae8520575a94623e9e829e0c30
-
SHA1
3c90c67d44cc3fed0167f4e222ab5beb235d7045
-
SHA256
dd8cad708f78fefe4c15605b7dfaf61af8e09f2e706f1098f57830b6b0cfe5d8
-
SHA512
3d688fe95053c5198bd0d448b38222c68134e157273e9aff97f2be68d8a9c7e59ef99f5aebf9a7e918573c2b3e2f4e377c6e482925f2279ee40746c4e58f4310
-
SSDEEP
3072:cwrNwsrQjlv7xDL/vyfX+HH/HpU8vb2KJJ:cwRvrM7hL/vyGHH/pU8qY
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
Drops file in System32 directory
-