General

  • Target

    JaffaCakes118_34591d679ebcda6b3a01d4ded39697b4

  • Size

    78KB

  • Sample

    250106-xfbfvswmgl

  • MD5

    34591d679ebcda6b3a01d4ded39697b4

  • SHA1

    0700d95966b55257b6b07554312bb10c54e130fe

  • SHA256

    2885c1ea24661195291f87aa2b2bf673d2ee0ae80cda8f53d8415a0382f20d5f

  • SHA512

    0202b5a4b082e552008bebcc55ca5088a74662d42719f534b6568faf44e1f044266d2c9208a0bd1abd9fa91a3a721e2cc957eed51cbcb00a12bb266b3db63ffb

  • SSDEEP

    1536:w5jSYLT8hn2Ep7WzPdVj6Ju8B3AZ242UdIAkD4x3HT4hPVoYdVQti67a9/q1Da:w5jS+E2EwR4uY41HyvYja9/B

Targets

    • Target

      JaffaCakes118_34591d679ebcda6b3a01d4ded39697b4

    • MetamorpherRAT

      MetamorpherRAT is a hacking tool that has been around since 2013.

    • Metamorpherrat family

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application
