Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
JaffaCakes118_5a0e73710ba67f3fee26ca0974b30c9b
-
Size
78KB
-
Sample
250101-sn6vhszlbt
-
MD5
5a0e73710ba67f3fee26ca0974b30c9b
-
SHA1
3ec0cb651838e32577d213fbb4c620cf8e496b5e
-
SHA256
f2167a17e7bf4bc26e38a563c40d6179023978091d9407a3429645b943370e3d
-
SHA512
d9d7e2df2d684fdcccc6cc0e002f8020ca4aa39fef63512b526f3c3db04be6f1d4e46e617ada493a7037c205a64ae500191044efc33d004d4d204c2b4868fad0
-
SSDEEP
1536:DPWtHHM7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQt69/81EP:DPWtHshASyRxvhTzXPvCbW2U69/7
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_5a0e73710ba67f3fee26ca0974b30c9b.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
JaffaCakes118_5a0e73710ba67f3fee26ca0974b30c9b.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
JaffaCakes118_5a0e73710ba67f3fee26ca0974b30c9b
-
Size
78KB
-
MD5
5a0e73710ba67f3fee26ca0974b30c9b
-
SHA1
3ec0cb651838e32577d213fbb4c620cf8e496b5e
-
SHA256
f2167a17e7bf4bc26e38a563c40d6179023978091d9407a3429645b943370e3d
-
SHA512
d9d7e2df2d684fdcccc6cc0e002f8020ca4aa39fef63512b526f3c3db04be6f1d4e46e617ada493a7037c205a64ae500191044efc33d004d4d204c2b4868fad0
-
SSDEEP
1536:DPWtHHM7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQt69/81EP:DPWtHshASyRxvhTzXPvCbW2U69/7
-
MetamorpherRAT
Metamorpherrat is a hacking tool that has been around for a while since 2013.
-
Metamorpherrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-