General

  • Target

    JaffaCakes118_5a0e73710ba67f3fee26ca0974b30c9b

  • Size

    78KB

  • Sample

    250101-sn6vhszlbt

  • MD5

    5a0e73710ba67f3fee26ca0974b30c9b

  • SHA1

    3ec0cb651838e32577d213fbb4c620cf8e496b5e

  • SHA256

    f2167a17e7bf4bc26e38a563c40d6179023978091d9407a3429645b943370e3d

  • SHA512

    d9d7e2df2d684fdcccc6cc0e002f8020ca4aa39fef63512b526f3c3db04be6f1d4e46e617ada493a7037c205a64ae500191044efc33d004d4d204c2b4868fad0

  • SSDEEP

    1536:DPWtHHM7t4XT0XRhyRjVf3hTzdEzcEGvCZ1Hc5RPuoYciQt69/81EP:DPWtHshASyRxvhTzXPvCbW2U69/7

Targets

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
